isearch.babylon.com homepage firefox hijack


  • This topic is locked
35 replies to this topic

#1 strawbaerie

Posted 24 August 2012 - 10:29 PM

While trying to install a driver for a USB tablet to reapply pen pressure, a program requested to install babylon, but while I said no, it installed anyways. I uninstalled it, it's not present in any add-on on Firefox, and I tried resetting both about:plugin and the entire browser. Chrome and IE easily removed it as homepage, but it repeatedly comes back with Firefox even after uninstalling Firefox. Even using the browser protect add-on does not work; it only blocks temporarily. All the virus protection programs didn't work, like Malwarebytes, Superantispyware, Spybot Search and Destroy and Microsoft Security Essentials, even run in safe mode. Malwarebytes did find a trojan afterwards but took it out. There's also a window with a white screen on startup that I cannot identify that pops up. Even system restore didn't go back far enough to resolve the issue.

Thanks in advance for your help.

Here's the DDS Log:
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.5.1
Run by Seanna at 20:16:21 on 2012-08-24
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3893.2103 [GMT -7:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Spybot - Search and Destroy *Disabled/Updated* {1EAF1D03-5480-F3B2-EB14-11F0F5EE2699}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
.
============== Running Processes ===============
.
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\System32\spoolsv.exe
C:\windows\SYSTEM32\WISPTIS.EXE
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files\Box Sync\UpdateService.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\windows\SysWOW64\svchost.exe -k Akamai
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\windows\system32\taskhost.exe
C:\windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
C:\Program Files (x86)\Google\Update\1.3.21.115\GoogleCrashHandler.exe
C:\windows\system32\svchost.exe -k bthsvcs
C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
C:\Program Files (x86)\Google\Update\1.3.21.115\GoogleCrashHandler64.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
C:\Program Files\Fujitsu\PSUtility\PSUService.exe
C:\Program Files (x86)\Synaptics\Scrybe\Service\ScrybeUpdater.exe
C:\Program Files (x86)\Secunia\PSI\PSIA.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
C:\Program Files\Fujitsu\fjdvrupd\updnvsrv.exe
C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\windows\System32\atwtusb.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe
C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\igfxtray.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files\Fujitsu\fjdvrupd\updatenv.exe
C:\Windows\System32\WTMKM.exe
C:\Program Files\Box Sync\BoxSyncHelper.exe
C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe
C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Users\Seanna\AppData\Local\Akamai\netsession_win.exe
C:\Users\Seanna\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
C:\Users\Seanna\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\SugarSync\SugarSyncManager.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Users\Seanna\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files (x86)\Box Edit\Box Edit.exe
C:\Program Files\Box Sync\BoxSync.exe
C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
C:\Users\Seanna\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe
C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
C:\Windows\Samsung\PanelMgr\SSMMgr.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Windows\Samsung\PanelMgr\caller64.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office15\CsiSyncClient.EXE
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\windows\system32\SearchIndexer.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Fujitsu\Application Panel\BtnHndHkb.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Secunia\PSI\sua.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\windows\system32\taskeng.exe
C:\Program Files (x86)\Cobian Backup 11\Cobian.exe
C:\windows\system32\vssvc.exe
C:\windows\System32\svchost.exe -k swprv
C:\windows\system32\taskhost.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\atwtusb.exe
C:\Users\Seanna\Desktop\Defogger.exe
C:\windows\system32\conhost.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\system32\taskeng.exe
C:\windows\system32\DllHost.exe
C:\windows\system32\DllHost.exe
C:\windows\system32\DllHost.exe
C:\windows\SysWOW64\cmd.exe
C:\windows\system32\conhost.exe
C:\windows\SysWOW64\cscript.exe
C:\windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://solutions.us.fujitsu.com/
mStart Page =
uInternet Settings,ProxyOverride = *.local;127.0.0.1:9421;<local>
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - No File
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO: Microsoft SPFS Browser Helper: {d0498e0a-45b7-42ae-a9aa-aba463dbd3bf} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
uRun: [FileHippo.com] "C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe" /background
uRun: [Rainlendar2] C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
uRun: [Akamai NetSession Interface] "C:\Users\Seanna\AppData\Local\Akamai\netsession_win.exe"
uRun: [SkyDrive] "C:\Users\Seanna\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" /background
uRun: [SugarSync] "C:\Program Files (x86)\SugarSync\SugarSyncManager.exe" -startInTray -usedelay=true
uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
uRun: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
uRun: [Spotify Web Helper] "C:\Users\Seanna\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
uRun: [DriverMax] "C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe" -agent
uRun: [DriverMax_RESTART] "C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe" -RESTART
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
mRun: [LoadFUJ02E3] C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe
mRun: [IndicatorUtility] C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun
mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
StartupFolder: C:\Users\Seanna\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Seanna\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\Seanna\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\EVERNO~1.LNK - C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BOXEDI~1.LNK - C:\Program Files (x86)\Box Edit\Box Edit.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BOXSYN~1.LNK - C:\Program Files (x86)\Box Sync\BoxSync.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\SECUNI~1.LNK - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Free YouTube Download - C:\Users\Seanna\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - C:\Users\Seanna\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
Trusted Zone: samsungsetup.com\www
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.1 192.168.0.1
TCP: Interfaces\{91A6DE15-D7CD-4CF3-A0FF-8F49170B8E6B} : DhcpNameServer = 192.168.1.1 192.168.0.1
TCP: Interfaces\{91A6DE15-D7CD-4CF3-A0FF-8F49170B8E6B}\35343475966696 : DhcpNameServer = 10.1.10.1
TCP: Interfaces\{91A6DE15-D7CD-4CF3-A0FF-8F49170B8E6B}\D41647279687 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{91A6DE15-D7CD-4CF3-A0FF-8F49170B8E6B}\E4544574541425 : DhcpNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\msosb.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs: c:\PROGRA~3\BROWSE~1\22565~1.25\{16CDF~1\browsemngr.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - No File
BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO-X64: SDHelper - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO-X64: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: Microsoft SPFS Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
mRun-x64: [LoadFUJ02E3] C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe
mRun-x64: [IndicatorUtility] C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
mRun-x64: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun-x64: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun
mRun-x64: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
IE-X64: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
AppInit_DLLs-X64: c:\PROGRA~3\BROWSE~1\22565~1.25\{16CDF~1\browsemngr.dll
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Seanna\AppData\Roaming\Mozilla\Firefox\Profiles\6l9w25a9.default\
FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon)
FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/?affID=112049&tt=140812_bandext_3312_8&babsrc=HP_ss&mntrId=4605c9af0000000000002ae400fb47fc
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Box Edit\npBoxEdit.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\QuickTime\Plugins\npqtplugin8.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Program Files\Microsoft Office 15\root\Office15\npspwrap.dll
FF - plugin: C:\Users\Seanna\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: C:\Users\Seanna\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Seanna\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\windows\SysWOW64\Adobe\Director\np32dsw.dll
FF - plugin: C:\windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll
FF - plugin: C:\windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll
FF - plugin: C:\windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 FBIOSDRV;Fujitsu BIOS Driver;C:\windows\system32\Drivers\FBIOSDRV.sys --> C:\windows\system32\Drivers\FBIOSDRV.sys [?]
R0 MpFilter;Microsoft Malware Protection Driver;C:\windows\system32\DRIVERS\MpFilter.sys --> C:\windows\system32\DRIVERS\MpFilter.sys [?]
R0 MxEFUF;Matrox Extio Upper Function Filter;C:\windows\system32\DRIVERS\MxEFUF64.sys --> C:\windows\system32\DRIVERS\MxEFUF64.sys [?]
R0 PxHlpa64;PxHlpa64;C:\windows\system32\Drivers\PxHlpa64.sys --> C:\windows\system32\Drivers\PxHlpa64.sys [?]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\windows\system32\DRIVERS\dtsoftbus01.sys --> C:\windows\system32\DRIVERS\dtsoftbus01.sys [?]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R1 vwififlt;Virtual WiFi Filter Driver;C:\windows\system32\DRIVERS\vwififlt.sys --> C:\windows\system32\DRIVERS\vwififlt.sys [?]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-8-11 140672]
R2 #UpdateService;Box Sync Auto-updater;C:\Program Files\Box Sync\UpdateService.exe [2012-8-18 8704]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-7-27 63960]
R2 Akamai;Akamai NetSession Interface;C:\windows\System32\svchost.exe -k Akamai [2009-7-13 20992]
R2 Browser Manager;Browser Manager;C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe [2012-8-15 1697312]
R2 cbVSCService11;Cobian Backup 11 Volume Shadow Copy Requester;C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe [2012-8-19 67584]
R2 OfficeSvc;Microsoft Office Service;C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2012-7-28 1492080]
R2 PowerSavingUtilityService;PowerSavingUtilityService;C:\Program Files\Fujitsu\PSUtility\PSUService.exe [2009-7-29 63336]
R2 ScrybeUpdater;Scrybe Updater;C:\Program Files (x86)\Synaptics\Scrybe\Service\ScrybeUpdater.exe [2011-5-27 1300264]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2012-7-6 1395736]
R2 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2012-7-25 1326176]
R2 Secunia Update Agent;Secunia Update Agent;C:\Program Files (x86)\Secunia\PSI\sua.exe [2012-7-25 681056]
R2 SSPORT;SSPORT;\??\C:\windows\system32\Drivers\SSPORT.sys --> C:\windows\system32\Drivers\SSPORT.sys [?]
R2 TeamViewer7;TeamViewer 7;C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2011-12-12 2673064]
R2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-4-13 2314240]
R2 UpdateNaviInstallService;UpdateNaviInstallService;C:\Program Files\Fujitsu\fjdvrupd\updnvsrv.exe [2009-9-29 14336]
R2 VFPRadioSupportService;Bluetooth Feature Support;C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe [2009-12-24 145840]
R2 WTService;WTService;C:\windows\System32\atwtusb.exe -s --> C:\windows\System32\atwtusb.exe -s [?]
R3 FUJ02E3;Fujitsu FUJ02E3 Device Driver;C:\windows\system32\drivers\FUJ02E3.sys --> C:\windows\system32\drivers\FUJ02E3.sys [?]
R3 HECIx64;Intel® Management Engine Interface;C:\windows\system32\drivers\HECIx64.sys --> C:\windows\system32\drivers\HECIx64.sys [?]
R3 Impcd;Impcd;C:\windows\system32\DRIVERS\Impcd.sys --> C:\windows\system32\DRIVERS\Impcd.sys [?]
R3 IntcDAud;Intel® Display Audio;C:\windows\system32\DRIVERS\IntcDAud.sys --> C:\windows\system32\DRIVERS\IntcDAud.sys [?]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;C:\windows\system32\DRIVERS\LEqdUsb.Sys --> C:\windows\system32\DRIVERS\LEqdUsb.Sys [?]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;C:\windows\system32\DRIVERS\LHidEqd.Sys --> C:\windows\system32\DRIVERS\LHidEqd.Sys [?]
R3 pmkbdfltr;PenMount Keyboard Device Filter Driver;C:\windows\system32\DRIVERS\pmkbdfltr.sys --> C:\windows\system32\DRIVERS\pmkbdfltr.sys [?]
R3 PSI;PSI;C:\windows\system32\DRIVERS\psi_mf.sys --> C:\windows\system32\DRIVERS\psi_mf.sys [?]
R3 qicflt;upper Device Filter Driver;C:\windows\system32\DRIVERS\qicflt.sys --> C:\windows\system32\DRIVERS\qicflt.sys [?]
R3 RTLE8023x64;Realtek 10/100/1000 PCI-E NIC Family NDIS XP(x64) Driver;C:\windows\system32\DRIVERS\Rtenic64.sys --> C:\windows\system32\DRIVERS\Rtenic64.sys [?]
R3 SmbDrvI;SmbDrvI;C:\windows\system32\DRIVERS\Smb_driver_Intel.sys --> C:\windows\system32\DRIVERS\Smb_driver_Intel.sys [?]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\windows\system32\DRIVERS\vwifimp.sys --> C:\windows\system32\DRIVERS\vwifimp.sys [?]
S1 aiptektp;Pen Pad;C:\windows\system32\DRIVERS\aiptektp.sys --> C:\windows\system32\DRIVERS\aiptektp.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-7-8 116648]
S2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2010-12-27 1153368]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-6-7 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-1-5 250568]
S3 fssfltr;fssfltr;C:\windows\system32\DRIVERS\fssfltr.sys --> C:\windows\system32\DRIVERS\fssfltr.sys [?]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-7-28 1511872]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-7-8 116648]
S3 libusb0;libusb-win32 - Kernel Driver, Version 1.2.4.0;C:\Windows\System32\drivers\libusb0.sys [2011-10-7 21504]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-8-24 113120]
S3 NisDrv;Microsoft Network Inspection System;C:\windows\system32\DRIVERS\NisDrvWFP.sys --> C:\windows\system32\DRIVERS\NisDrvWFP.sys [?]
S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-7-22 5132888]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\system32\Drivers\RtsUStor.sys --> C:\windows\system32\Drivers\RtsUStor.sys [?]
S3 RTL8167;Realtek 8167 NT Driver;C:\windows\system32\DRIVERS\Rt64win7.sys --> C:\windows\system32\DRIVERS\Rt64win7.sys [?]
S3 RTL8168;Realtek 8168 NT Driver;C:\windows\system32\DRIVERS\Rt630x64.sys --> C:\windows\system32\DRIVERS\Rt630x64.sys [?]
S3 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2012-7-6 1188896]
S3 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2012-7-6 166528]
S3 SmbDrv;SmbDrv;C:\windows\system32\DRIVERS\Smb_driver.sys --> C:\windows\system32\DRIVERS\Smb_driver.sys [?]
S3 SmbDrvIntel;SmbDrvIntel;C:\windows\system32\DRIVERS\Smb_driver_Intel.sys --> C:\windows\system32\DRIVERS\Smb_driver_Intel.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\windows\system32\drivers\tsusbflt.sys --> C:\windows\system32\drivers\tsusbflt.sys [?]
S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\system32\Drivers\usbaapl64.sys --> C:\windows\system32\Drivers\usbaapl64.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\system32\Wat\WatAdminSvc.exe --> C:\windows\system32\Wat\WatAdminSvc.exe [?]
S3 WSDPrintDevice;WSD Print Support via UMB;C:\windows\system32\DRIVERS\WSDPrint.sys --> C:\windows\system32\DRIVERS\WSDPrint.sys [?]
S3 WSDScan;WSD Scan Support via UMB;C:\windows\system32\DRIVERS\WSDScan.sys --> C:\windows\system32\DRIVERS\WSDScan.sys [?]
.
=============== Created Last 30 ================
.
2012-08-24 22:14:51 -------- d-sh--w- C:\$RECYCLE.BIN
2012-08-24 05:31:58 -------- d-----w- C:\Program Files\Box Sync
2012-08-24 04:57:34 9309624 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{961998C6-E3F0-4B41-936E-025EF507028D}\mpengine.dll
2012-08-23 06:05:39 9309624 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-08-23 01:06:12 -------- d-----w- C:\Python27
2012-08-22 23:34:51 -------- d-----w- C:\Program Files\GIMP 2
2012-08-22 21:36:32 -------- d-----w- C:\Program Files (x86)\VS Revo Group
2012-08-19 07:28:32 -------- d-----w- C:\Users\Seanna\DoctorWeb
2012-08-19 07:24:41 -------- d-----w- C:\Users\Seanna\AppData\Local\Secunia PSI
2012-08-19 07:24:16 256904 ----a-w- C:\windows\SysWow64\drivers\tmcomm.sys
2012-08-19 07:24:16 -------- d-----w- C:\Program Files (x86)\Secunia
2012-08-19 07:01:23 -------- d-----w- C:\Program Files (x86)\Cobian Backup 11
2012-08-19 05:25:45 -------- d-----w- C:\ProgramData\HitmanPro
2012-08-18 06:12:14 -------- d-----w- C:\Users\Seanna\AppData\Roaming\Malwarebytes
2012-08-18 06:11:54 -------- d-----w- C:\ProgramData\Malwarebytes
2012-08-18 06:11:50 24904 ----a-w- C:\windows\System32\drivers\mbam.sys
2012-08-18 06:11:50 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-08-18 05:47:13 -------- d-----w- C:\Users\Seanna\AppData\Roaming\Safer Networking
2012-08-18 05:45:42 -------- d-----w- C:\Program Files (x86)\Safer Networking
2012-08-18 04:35:24 -------- d-----w- C:\Program Files (x86)\Trend Micro
2012-08-17 03:05:29 7680 ----a-w- C:\windows\System32\drivers\moufiltr.sys
2012-08-17 03:05:29 7552 ----a-w- C:\windows\System32\drivers\walvhid.sys
2012-08-17 03:05:29 -------- d-----w- C:\windows\vhid
2012-08-17 03:04:34 -------- d-----w- C:\windows\udtablet
2012-08-17 03:04:21 -------- d-----w- C:\windows\calib_da
2012-08-17 02:40:50 -------- d-----w- C:\Users\Seanna\AppData\Local\Adobe
2012-08-16 21:51:50 -------- d-----w- C:\Program Files (x86)\Evernote
2012-08-16 08:49:51 -------- d-----w- C:\windows\SysWow64\Extensions
2012-08-16 08:49:48 -------- d-----w- C:\windows\SysWow64\searchplugins
2012-08-16 06:57:07 -------- d-----w- C:\ProgramData\Browser Manager
2012-08-16 01:55:34 27960 ----a-w- C:\windows\System32\drivers\Smb_driver_Intel.sys
2012-08-15 20:01:59 552960 ----a-w- C:\windows\System32\drivers\bthport.sys
2012-08-15 19:33:27 108008 ----a-w- C:\windows\System32\WindowsAccessBridge-64.dll
2012-08-15 18:46:50 -------- d-----w- C:\windows\CheckSur
2012-08-15 05:36:20 59392 ----a-w- C:\windows\System32\browcli.dll
2012-08-15 05:36:20 136704 ----a-w- C:\windows\System32\browser.dll
2012-08-15 05:36:19 41984 ----a-w- C:\windows\SysWow64\browcli.dll
2012-08-15 05:36:16 3148800 ----a-w- C:\windows\System32\win32k.sys
2012-08-15 05:36:04 751104 ----a-w- C:\windows\System32\win32spl.dll
2012-08-15 05:36:03 559104 ----a-w- C:\windows\System32\spoolsv.exe
2012-08-15 05:36:02 67072 ----a-w- C:\windows\splwow64.exe
2012-08-15 05:36:02 492032 ----a-w- C:\windows\SysWow64\win32spl.dll
2012-08-15 05:21:08 956928 ----a-w- C:\windows\System32\localspl.dll
2012-08-15 00:04:10 3718144 ----a-w- C:\windows\System32\drivers\athrx.sys
2012-08-14 00:33:16 18832 ----a-w- C:\windows\System32\drivers\pmkbdfltr.sys
2012-08-13 04:02:39 -------- d-----w- C:\windows\en
2012-08-13 03:55:30 57280 ----a-w- C:\windows\System32\drivers\fssfltr.sys
2012-08-13 03:52:50 77656 ----a-w- C:\windows\System32\XAPOFX1_5.dll
2012-08-13 03:52:50 74072 ----a-w- C:\windows\SysWow64\XAPOFX1_5.dll
2012-08-13 03:52:50 527192 ----a-w- C:\windows\SysWow64\XAudio2_7.dll
2012-08-13 03:52:50 518488 ----a-w- C:\windows\System32\XAudio2_7.dll
2012-08-13 03:52:49 2526056 ----a-w- C:\windows\System32\D3DCompiler_43.dll
2012-08-13 03:52:49 2106216 ----a-w- C:\windows\SysWow64\D3DCompiler_43.dll
2012-08-13 03:52:48 276832 ----a-w- C:\windows\System32\d3dx11_43.dll
2012-08-13 03:52:48 248672 ----a-w- C:\windows\SysWow64\d3dx11_43.dll
2012-08-13 03:46:01 5563840 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\223878571cd790605\skydrivesetup.exe
2012-08-13 03:45:50 537432 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\1cd7702d1cd790604\DXSETUP.exe
2012-08-13 03:45:49 89944 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\1cd7702d1cd790604\DSETUP.dll
2012-08-13 03:45:49 1801048 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\1cd7702d1cd790604\dsetup32.dll
2012-08-13 03:45:39 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\177222341cd790602\DXSETUP.exe
2012-08-13 03:45:39 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\177222341cd790602\dsetup32.dll
2012-08-13 03:45:38 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\177222341cd790602\DSETUP.dll
2012-08-13 03:45:25 537432 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\10e73bad1cd790601\DXSETUP.exe
2012-08-13 03:45:24 89944 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\10e73bad1cd790601\DSETUP.dll
2012-08-13 03:45:24 1801048 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\10e73bad1cd790601\dsetup32.dll
2012-08-06 02:51:28 53248 ----a-r- C:\Users\Seanna\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2012-08-06 02:51:08 18960 ----a-w- C:\windows\System32\drivers\LNonPnP.sys
2012-08-06 02:45:32 -------- d-----w- C:\Users\Seanna\AppData\Roaming\Logishrd
2012-08-03 01:16:03 34152 ----a-w- C:\windows\System32\drivers\GEARAspiWDM.sys
2012-08-03 01:16:03 126312 ----a-w- C:\windows\System32\GEARAspi64.dll
2012-08-03 01:16:03 107368 ----a-w- C:\windows\SysWow64\GEARAspi.dll
2012-08-03 01:14:38 -------- d-----w- C:\Program Files\iPod
2012-08-03 01:14:36 -------- d-----w- C:\Program Files\iTunes
2012-08-03 01:14:36 -------- d-----w- C:\Program Files (x86)\iTunes
2012-08-02 21:05:12 -------- d-----w- C:\found.000
2012-07-29 05:53:46 460424 ----a-w- C:\ProgramData\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2012-07-29 05:41:29 -------- d-----w- C:\Program Files\Microsoft Office 15
2012-07-28 10:09:02 57792 ----a-w- C:\windows\SysWow64\sirenacm.dll
2012-07-28 09:54:00 321472 ----a-w- C:\windows\WLXPGSS.SCR
2012-07-27 20:51:30 184248 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\nppdf32.dll
2012-07-27 02:08:06 862664 ----a-w- C:\windows\SysWow64\msvcr110.dll
2012-07-27 02:08:06 534480 ----a-w- C:\windows\SysWow64\msvcp110.dll
2012-07-27 02:08:06 251864 ----a-w- C:\windows\SysWow64\vccorlib110.dll
2012-07-27 02:08:06 153536 ----a-w- C:\windows\SysWow64\atl110.dll
2012-07-27 02:08:06 115656 ----a-w- C:\windows\SysWow64\vcomp110.dll
2012-07-26 22:22:10 828872 ----a-w- C:\windows\System32\msvcr110.dll
2012-07-26 22:22:10 661448 ----a-w- C:\windows\System32\msvcp110.dll
2012-07-26 22:22:10 354264 ----a-w- C:\windows\System32\vccorlib110.dll
2012-07-26 22:22:10 177096 ----a-w- C:\windows\System32\atl110.dll
2012-07-26 22:22:10 124360 ----a-w- C:\windows\System32\vcomp110.dll
.
==================== Find3M ====================
.
2012-08-23 01:25:33 73416 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-23 01:25:33 696520 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2012-08-15 19:33:14 916456 ----a-w- C:\windows\System32\deployJava1.dll
2012-08-15 19:33:14 1034216 ----a-w- C:\windows\System32\npdeployJava1.dll
2012-07-17 22:14:44 253184 ----a-w- C:\windows\System32\LIVESSP.DLL
2012-07-17 21:49:00 209648 ----a-w- C:\windows\SysWow64\LIVESSP.DLL
2012-07-06 05:06:30 772544 ----a-w- C:\windows\SysWow64\npDeployJava1.dll
2012-07-06 05:06:20 687544 ----a-w- C:\windows\SysWow64\deployJava1.dll
2012-06-29 03:56:34 2312704 ----a-w- C:\windows\System32\jscript9.dll
2012-06-29 03:49:11 1392128 ----a-w- C:\windows\System32\wininet.dll
2012-06-29 03:48:07 1494528 ----a-w- C:\windows\System32\inetcpl.cpl
2012-06-29 03:43:49 173056 ----a-w- C:\windows\System32\ieUnatt.exe
2012-06-29 03:39:48 2382848 ----a-w- C:\windows\System32\mshtml.tlb
2012-06-29 00:16:58 1800704 ----a-w- C:\windows\SysWow64\jscript9.dll
2012-06-29 00:09:01 1129472 ----a-w- C:\windows\SysWow64\wininet.dll
2012-06-29 00:08:59 1427968 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2012-06-29 00:04:43 142848 ----a-w- C:\windows\SysWow64\ieUnatt.exe
2012-06-29 00:00:45 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb
2012-06-25 23:04:24 1394248 ----a-w- C:\windows\SysWow64\msxml4.dll
2012-06-13 06:41:22 74344 ----a-w- C:\windows\System32\RtNicProp64.dll
2012-06-13 06:41:22 683664 ----a-w- C:\windows\System32\drivers\Rt630x64.sys
2012-06-12 23:40:30 568640 ----a-w- C:\windows\System32\drivers\iaStor.sys
2012-06-12 16:42:54 283200 ----a-w- C:\windows\System32\drivers\dtsoftbus01.sys
2012-06-06 15:49:52 1070152 ----a-w- C:\windows\SysWow64\MSCOMCTL.OCX
2012-06-06 06:06:16 2004480 ----a-w- C:\windows\System32\msxml6.dll
2012-06-06 06:06:16 1881600 ----a-w- C:\windows\System32\msxml3.dll
2012-06-06 06:02:54 1133568 ----a-w- C:\windows\System32\cdosys.dll
2012-06-06 05:05:52 1390080 ----a-w- C:\windows\SysWow64\msxml6.dll
2012-06-06 05:05:52 1236992 ----a-w- C:\windows\SysWow64\msxml3.dll
2012-06-06 05:03:06 805376 ----a-w- C:\windows\SysWow64\cdosys.dll
2012-06-02 22:19:42 186752 ----a-w- C:\windows\System32\wuwebv.dll
2012-06-02 22:15:31 2622464 ----a-w- C:\windows\System32\wucltux.dll
2012-06-02 22:15:12 36864 ----a-w- C:\windows\System32\wuapp.exe
2012-06-02 22:15:08 99840 ----a-w- C:\windows\System32\wudriver.dll
2012-06-02 05:50:10 458704 ----a-w- C:\windows\System32\drivers\cng.sys
2012-06-02 05:48:16 95600 ----a-w- C:\windows\System32\drivers\ksecdd.sys
2012-06-02 05:48:16 151920 ----a-w- C:\windows\System32\drivers\ksecpkg.sys
2012-06-02 05:45:31 340992 ----a-w- C:\windows\System32\schannel.dll
2012-06-02 05:44:21 307200 ----a-w- C:\windows\System32\ncrypt.dll
2012-06-02 04:40:42 22016 ----a-w- C:\windows\SysWow64\secur32.dll
2012-06-02 04:40:39 225280 ----a-w- C:\windows\SysWow64\schannel.dll
2012-06-02 04:39:10 219136 ----a-w- C:\windows\SysWow64\ncrypt.dll
2012-06-02 04:34:09 96768 ----a-w- C:\windows\SysWow64\sspicli.dll
.
============= FINISH: 20:18:19.36 ===============

Edited by strawbaerie, 24 August 2012 - 10:30 PM.




#2 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  • Gender:Male
  • Location:Puerto rico
  • Local time:10:22 AM

Posted 27 August 2012 - 12:07 AM

Greetings and Welcome to The Forums!!

My name is Gringo and I'll be glad to help you with your computer problems.

I have put together some things for you to keep in mind while I am helping you, to make things go easier and faster for both of us.

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

Security Check

  • Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.



Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this, you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." please restart the computer.

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here. Don't worry, every little bit helps.

Proud Graduate Of Malware Removal University

#3 strawbaerie

strawbaerie
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  • Local time:07:22 AM

Posted 27 August 2012 - 01:01 PM

Hi Gringo,

Thanks for the fast reply.
Here's the Security Check log:

Results of screen317's Security Check version 0.99.46
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 9
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Microsoft Security Essentials
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
MVPS Hosts File
Spybot - Search & Destroy
Secunia PSI (3.0.0.3001)
Malwarebytes Anti-Malware version 1.62.0.1300
JavaFX 2.1.1
Java™ 6 Update 27
Java™ 7 Update 5
Java™ SE Development Kit 6 Update 24
Java version out of Date!
Adobe Reader X (10.1.4)
Mozilla Firefox (14.0.1)
Google Chrome 21.0.1180.79
Google Chrome 21.0.1180.83
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````


Here's the Combofix Log (I ran it before a while ago but it didn't work unless I did it in Safe Mode, so I did that this time. Tell me if you want me to run it again. Previously it had found a syswow64 and cleaned it up twice.)

ComboFix 12-08-25.04 - Seanna 08/27/2012 10:15:23.9.4 - x64 MINIMAL
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3893.2696 [GMT -7:00]
Running from: c:\users\Seanna\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}
SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}
SP: Spybot - Search and Destroy *Disabled/Updated* {1EAF1D03-5480-F3B2-EB14-11F0F5EE2699}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((( Files Created from 2012-07-27 to 2012-08-27 )))))))))))))))))))))))))))))))
.
.
2012-08-27 17:28 . 2012-08-27 17:28 -------- d-----w- c:\users\Default\AppData\Local\temp
2012-08-27 17:04 . 2012-08-01 22:58 9309624 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A623FDE3-AA60-42EC-82E6-A88283D5A20D}\mpengine.dll
2012-08-27 16:51 . 2012-08-27 16:50 927800 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{CAA6E21C-0322-45B8-AF05-18A57D481AAB}\gapaengine.dll
2012-08-27 16:47 . 2012-08-27 16:47 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2012-08-27 16:47 . 2012-08-27 16:47 -------- d-----w- c:\program files\Microsoft Security Client
2012-08-25 01:59 . 2012-08-25 01:59 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
2012-08-24 05:31 . 2012-08-24 05:32 -------- d-----w- c:\program files\Box Sync
2012-08-23 01:06 . 2012-08-23 01:06 -------- d-----w- C:\Python27
2012-08-22 23:34 . 2012-08-22 23:36 -------- d-----w- c:\program files\GIMP 2
2012-08-22 21:36 . 2012-08-22 21:36 -------- d-----w- c:\program files (x86)\VS Revo Group
2012-08-19 07:28 . 2012-08-19 17:31 -------- d-----w- c:\users\Seanna\DoctorWeb
2012-08-19 07:24 . 2012-08-19 07:24 -------- d-----w- c:\users\Seanna\AppData\Local\Secunia PSI
2012-08-19 07:24 . 2012-08-19 18:50 -------- d-----w- c:\program files (x86)\Secunia
2012-08-19 07:24 . 2012-06-05 07:37 256904 ----a-w- c:\windows\SysWow64\drivers\tmcomm.sys
2012-08-19 07:01 . 2012-08-19 18:52 -------- d-----w- c:\program files (x86)\Cobian Backup 11
2012-08-19 05:25 . 2012-08-19 05:26 -------- d-----w- c:\programdata\HitmanPro
2012-08-18 06:12 . 2012-08-19 18:50 -------- d-----w- c:\users\Seanna\AppData\Roaming\Malwarebytes
2012-08-18 06:11 . 2012-08-19 18:50 -------- d-----w- c:\programdata\Malwarebytes
2012-08-18 06:11 . 2012-08-19 18:51 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2012-08-18 06:11 . 2012-07-03 20:46 24904 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-08-18 05:47 . 2012-08-18 05:47 -------- d-----w- c:\users\Seanna\AppData\Roaming\Safer Networking
2012-08-18 05:45 . 2012-08-19 18:13 -------- d-----w- c:\program files (x86)\Safer Networking
2012-08-18 04:35 . 2012-08-19 18:50 -------- d-----w- c:\program files (x86)\Trend Micro
2012-08-17 03:05 . 2012-08-19 18:51 -------- d-----w- c:\windows\vhid
2012-08-17 03:05 . 2009-08-26 20:15 7552 ----a-w- c:\windows\system32\drivers\walvhid.sys
2012-08-17 03:05 . 2009-03-09 02:16 7680 ----a-w- c:\windows\system32\drivers\moufiltr.sys
2012-08-17 03:04 . 2012-08-19 18:51 -------- d-----w- c:\windows\udtablet
2012-08-17 03:04 . 2012-08-19 18:52 -------- d-----w- c:\windows\calib_da
2012-08-17 02:40 . 2012-08-23 01:22 -------- d-----w- c:\users\Seanna\AppData\Local\Adobe
2012-08-16 21:51 . 2012-08-19 18:50 -------- d-----w- c:\program files (x86)\Evernote
2012-08-16 08:49 . 2012-08-16 08:49 -------- d-----w- c:\windows\SysWow64\Extensions
2012-08-16 08:49 . 2012-08-16 08:49 -------- d-----w- c:\windows\SysWow64\searchplugins
2012-08-16 06:57 . 2012-08-16 06:57 -------- d-----w- c:\programdata\Browser Manager
2012-08-16 01:55 . 2012-07-06 04:43 27960 ----a-w- c:\windows\system32\drivers\Smb_driver_Intel.sys
2012-08-15 20:01 . 2012-07-06 20:07 552960 ----a-w- c:\windows\system32\drivers\bthport.sys
2012-08-15 19:33 . 2012-08-15 19:33 289768 ----a-w- c:\windows\system32\javaws.exe
2012-08-15 19:33 . 2012-08-15 19:33 108008 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2012-08-15 19:33 . 2012-08-15 19:33 189416 ----a-w- c:\windows\system32\javaw.exe
2012-08-15 19:33 . 2012-08-15 19:33 188904 ----a-w- c:\windows\system32\java.exe
2012-08-15 18:46 . 2012-08-15 18:46 -------- d-----w- c:\windows\CheckSur
2012-08-15 05:36 . 2012-07-04 22:16 73216 ----a-w- c:\windows\system32\netapi32.dll
2012-08-15 05:36 . 2012-07-04 22:13 59392 ----a-w- c:\windows\system32\browcli.dll
2012-08-15 05:36 . 2012-07-04 22:13 136704 ----a-w- c:\windows\system32\browser.dll
2012-08-15 05:36 . 2012-07-04 21:14 41984 ----a-w- c:\windows\SysWow64\browcli.dll
2012-08-15 05:36 . 2012-07-18 18:15 3148800 ----a-w- c:\windows\system32\win32k.sys
2012-08-15 05:36 . 2012-02-11 06:43 751104 ----a-w- c:\windows\system32\win32spl.dll
2012-08-15 05:36 . 2012-02-11 06:36 559104 ----a-w- c:\windows\system32\spoolsv.exe
2012-08-15 05:36 . 2012-02-11 06:36 67072 ----a-w- c:\windows\splwow64.exe
2012-08-15 05:36 . 2012-02-11 05:43 492032 ----a-w- c:\windows\SysWow64\win32spl.dll
2012-08-15 05:21 . 2012-05-14 05:26 956928 ----a-w- c:\windows\system32\localspl.dll
2012-08-15 00:04 . 2012-07-24 15:03 3718144 ----a-w- c:\windows\system32\drivers\athrx.sys
2012-08-14 00:33 . 2012-08-01 23:01 18832 ----a-w- c:\windows\system32\drivers\pmkbdfltr.sys
2012-08-13 04:02 . 2012-08-13 04:02 -------- d-----w- c:\windows\en
2012-08-13 03:55 . 2012-07-28 09:15 57280 ----a-w- c:\windows\system32\drivers\fssfltr.sys
2012-08-13 03:52 . 2010-06-02 11:55 77656 ----a-w- c:\windows\system32\XAPOFX1_5.dll
2012-08-13 03:52 . 2010-06-02 11:55 74072 ----a-w- c:\windows\SysWow64\XAPOFX1_5.dll
2012-08-13 03:52 . 2010-06-02 11:55 527192 ----a-w- c:\windows\SysWow64\XAudio2_7.dll
2012-08-13 03:52 . 2010-06-02 11:55 518488 ----a-w- c:\windows\system32\XAudio2_7.dll
2012-08-13 03:52 . 2010-05-26 18:41 2526056 ----a-w- c:\windows\system32\D3DCompiler_43.dll
2012-08-13 03:52 . 2010-05-26 18:41 2106216 ----a-w- c:\windows\SysWow64\D3DCompiler_43.dll
2012-08-13 03:52 . 2010-05-26 18:41 276832 ----a-w- c:\windows\system32\d3dx11_43.dll
2012-08-13 03:52 . 2010-05-26 18:41 248672 ----a-w- c:\windows\SysWow64\d3dx11_43.dll
2012-08-13 03:46 . 2012-08-13 03:46 5563840 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\223878571cd790605\skydrivesetup.exe
2012-08-13 03:45 . 2012-08-13 03:45 537432 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\1cd7702d1cd790604\DXSETUP.exe
2012-08-13 03:45 . 2012-08-13 03:45 1801048 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\1cd7702d1cd790604\dsetup32.dll
2012-08-13 03:45 . 2012-08-13 03:45 89944 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\1cd7702d1cd790604\DSETUP.dll
2012-08-13 03:45 . 2012-08-13 03:45 525656 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\177222341cd790602\DXSETUP.exe
2012-08-13 03:45 . 2012-08-13 03:45 1691480 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\177222341cd790602\dsetup32.dll
2012-08-13 03:45 . 2012-08-13 03:45 94040 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\177222341cd790602\DSETUP.dll
2012-08-13 03:45 . 2012-08-13 03:45 537432 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\10e73bad1cd790601\DXSETUP.exe
2012-08-13 03:45 . 2012-08-13 03:45 1801048 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\10e73bad1cd790601\dsetup32.dll
2012-08-13 03:45 . 2012-08-13 03:45 89944 ----a-w- c:\program files (x86)\Common Files\Windows Live\.cache\10e73bad1cd790601\DSETUP.dll
2012-08-06 02:52 . 2012-08-07 01:26 -------- d-----w- c:\programdata\Logitech
2012-08-06 02:51 . 2012-08-06 02:51 -------- d-----w- c:\users\Seanna\AppData\Roaming\Leadertech
2012-08-06 02:51 . 2012-08-06 02:51 53248 ----a-r- c:\users\Seanna\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2012-08-06 02:51 . 2012-08-06 02:51 -------- d-----w- c:\program files (x86)\Common Files\LogiShrd
2012-08-06 02:51 . 2012-08-06 02:51 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2012-08-06 02:49 . 2012-08-06 02:57 -------- d-----w- c:\programdata\Logishrd
2012-08-06 02:49 . 2012-08-07 01:26 -------- d-----w- c:\program files\Logitech
2012-08-06 02:48 . 2012-08-07 01:41 -------- d-----w- c:\program files\Common Files\Logishrd
2012-08-06 02:45 . 2012-08-06 02:52 -------- d-----w- c:\users\Seanna\AppData\Roaming\Logitech
2012-08-06 02:45 . 2012-08-06 02:46 -------- d-----w- c:\users\Seanna\AppData\Roaming\Logishrd
2012-08-03 01:16 . 2009-05-18 20:17 34152 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2012-08-03 01:16 . 2008-04-17 19:12 126312 ----a-w- c:\windows\system32\GEARAspi64.dll
2012-08-03 01:16 . 2008-04-17 19:12 107368 ----a-w- c:\windows\SysWow64\GEARAspi.dll
2012-08-03 01:14 . 2012-08-03 01:14 -------- d-----w- c:\program files\iPod
2012-08-03 01:14 . 2012-08-03 01:15 -------- d-----w- c:\program files\iTunes
2012-08-03 01:14 . 2012-08-03 01:15 -------- d-----w- c:\program files (x86)\iTunes
2012-08-02 21:05 . 2012-08-02 21:05 -------- d-----w- C:\found.000
2012-07-30 22:59 . 2012-07-30 23:02 -------- d-----w- c:\programdata\Roxio
2012-07-29 05:53 . 2012-07-29 05:46 460424 ----a-w- c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2012-07-29 05:41 . 2012-07-29 05:41 -------- d-----w- c:\program files\Microsoft Office 15
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-23 01:25 . 2012-01-06 06:11 696520 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-08-23 01:25 . 2011-05-13 14:55 73416 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-15 19:33 . 2011-12-13 15:48 1034216 ----a-w- c:\windows\system32\npdeployJava1.dll
2012-08-15 19:33 . 2010-12-27 20:02 916456 ----a-w- c:\windows\system32\deployJava1.dll
2012-08-15 17:30 . 2010-12-27 08:46 62134624 ----a-w- c:\windows\system32\MRT.exe
2012-07-28 10:09 . 2012-07-28 10:09 57792 ----a-w- c:\windows\SysWow64\sirenacm.dll
2012-07-28 09:54 . 2012-07-28 09:54 321472 ----a-w- c:\windows\WLXPGSS.SCR
2012-07-27 02:08 . 2012-07-27 02:08 862664 ----a-w- c:\windows\SysWow64\msvcr110.dll
2012-07-27 02:08 . 2012-07-27 02:08 534480 ----a-w- c:\windows\SysWow64\msvcp110.dll
2012-07-27 02:08 . 2012-07-27 02:08 251864 ----a-w- c:\windows\SysWow64\vccorlib110.dll
2012-07-27 02:08 . 2012-07-27 02:08 153536 ----a-w- c:\windows\SysWow64\atl110.dll
2012-07-27 02:08 . 2012-07-27 02:08 115656 ----a-w- c:\windows\SysWow64\vcomp110.dll
2012-07-26 22:22 . 2012-07-26 22:22 828872 ----a-w- c:\windows\system32\msvcr110.dll
2012-07-26 22:22 . 2012-07-26 22:22 661448 ----a-w- c:\windows\system32\msvcp110.dll
2012-07-26 22:22 . 2012-07-26 22:22 354264 ----a-w- c:\windows\system32\vccorlib110.dll
2012-07-26 22:22 . 2012-07-26 22:22 177096 ----a-w- c:\windows\system32\atl110.dll
2012-07-26 22:22 . 2012-07-26 22:22 124360 ----a-w- c:\windows\system32\vcomp110.dll
2012-07-17 22:14 . 2012-07-17 22:14 253184 ----a-w- c:\windows\system32\LIVESSP.DLL
2012-07-17 21:49 . 2012-07-17 21:49 209648 ----a-w- c:\windows\SysWow64\LIVESSP.DLL
2012-07-17 21:37 . 2012-07-17 21:37 19736 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-07-06 05:06 . 2012-07-20 17:58 772544 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-07-06 05:06 . 2011-01-09 23:26 687544 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-06-25 23:04 . 2012-06-25 23:04 1394248 ----a-w- c:\windows\SysWow64\msxml4.dll
2012-06-13 06:41 . 2012-07-08 23:34 74344 ----a-w- c:\windows\system32\RtNicProp64.dll
2012-06-13 06:41 . 2012-07-08 23:34 683664 ----a-w- c:\windows\system32\drivers\Rt630x64.sys
2012-06-12 23:40 . 2012-07-18 17:08 568640 ----a-w- c:\windows\system32\drivers\iaStor.sys
2012-06-12 16:42 . 2012-06-12 16:42 283200 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2012-06-09 05:43 . 2012-07-11 16:47 14172672 ----a-w- c:\windows\system32\shell32.dll
2012-06-06 15:49 . 2012-06-06 15:49 1070152 ----a-w- c:\windows\SysWow64\MSCOMCTL.OCX
2012-06-06 06:06 . 2012-07-11 16:47 2004480 ----a-w- c:\windows\system32\msxml6.dll
2012-06-06 06:06 . 2012-07-11 16:47 1881600 ----a-w- c:\windows\system32\msxml3.dll
2012-06-06 06:02 . 2012-07-11 16:47 1133568 ----a-w- c:\windows\system32\cdosys.dll
2012-06-06 05:05 . 2012-07-11 16:47 1390080 ----a-w- c:\windows\SysWow64\msxml6.dll
2012-06-06 05:05 . 2012-07-11 16:47 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2012-06-06 05:03 . 2012-07-11 16:47 805376 ----a-w- c:\windows\SysWow64\cdosys.dll
2012-06-02 22:19 . 2012-06-22 16:53 38424 ----a-w- c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-06-22 16:53 2428952 ----a-w- c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-06-22 16:53 57880 ----a-w- c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-06-22 16:53 44056 ----a-w- c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-06-22 16:52 186752 ----a-w- c:\windows\system32\wuwebv.dll
2012-06-02 22:19 . 2012-06-22 16:53 701976 ----a-w- c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-06-22 16:53 2622464 ----a-w- c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-06-22 16:52 36864 ----a-w- c:\windows\system32\wuapp.exe
2012-06-02 22:15 . 2012-06-22 16:53 99840 ----a-w- c:\windows\system32\wudriver.dll
2012-06-02 05:50 . 2012-07-11 16:47 458704 ----a-w- c:\windows\system32\drivers\cng.sys
2012-06-02 05:48 . 2012-07-11 16:47 151920 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2012-06-02 05:48 . 2012-07-11 16:47 95600 ----a-w- c:\windows\system32\drivers\ksecdd.sys
2012-06-02 05:45 . 2012-07-11 16:47 340992 ----a-w- c:\windows\system32\schannel.dll
2012-06-02 05:44 . 2012-07-11 16:47 307200 ----a-w- c:\windows\system32\ncrypt.dll
2012-06-02 04:40 . 2012-07-11 16:47 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2012-06-02 04:40 . 2012-07-11 16:47 225280 ----a-w- c:\windows\SysWow64\schannel.dll
2012-06-02 04:39 . 2012-07-11 16:47 219136 ----a-w- c:\windows\SysWow64\ncrypt.dll
2012-06-02 04:34 . 2012-07-11 16:47 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
2012-07-29 06:10 2042504 ----a-w- c:\program files\Microsoft Office 15\root\office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-08-13 03:49 220608 ----a-w- c:\users\Seanna\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-08-13 03:49 220608 ----a-w- c:\users\Seanna\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-08-13 03:49 220608 ----a-w- c:\users\Seanna\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2012-07-29 06:10 2042504 ----a-w- c:\program files\Microsoft Office 15\root\office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2012-07-29 06:10 2042504 ----a-w- c:\program files\Microsoft Office 15\root\office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2012-07-29 06:10 2042504 ----a-w- c:\program files\Microsoft Office 15\root\office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\Seanna\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\Seanna\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 94208 ----a-w- c:\users\Seanna\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"FileHippo.com"="c:\program files (x86)\FileHippo.com\UpdateChecker.exe" [2012-03-26 306688]
"Rainlendar2"="c:\program files (x86)\Rainlendar2\Rainlendar2.exe" [2012-07-02 2498048]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-07-23 5661056]
"iCloudServices"="c:\program files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe" [2012-02-23 59240]
"Akamai NetSession Interface"="c:\users\Seanna\AppData\Local\Akamai\netsession_win.exe" [2012-05-26 4327744]
"SkyDrive"="c:\users\Seanna\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe" [2012-08-13 238528]
"SugarSync"="c:\program files (x86)\SugarSync\SugarSyncManager.exe" [2012-07-13 9798776]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2012-07-20 12218904]
"Spybot-S&D Cleaning"="c:\program files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" [2012-07-04 3527176]
"Spotify Web Helper"="c:\users\Seanna\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2012-07-20 1193176]
"DriverMax"="c:\program files (x86)\Innovative Solutions\DriverMax\drivermax.exe" [2012-07-31 11324352]
"DriverMax_RESTART"="c:\program files (x86)\Innovative Solutions\DriverMax\drivermax.exe" [2012-07-31 11324352]
"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-06 2260480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"LoadFUJ02E3"="c:\program files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe" [2009-10-09 36712]
"IndicatorUtility"="c:\program files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe" [2009-10-10 47976]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"Samsung PanelMgr"="c:\windows\Samsung\PanelMgr\SSMMgr.exe" [2010-06-23 618496]
"SDTray"="c:\program files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [2012-07-04 3921432]
.
c:\users\Seanna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Seanna\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-7-24 26909544]
EvernoteClipper.lnk - c:\program files (x86)\Evernote\Evernote\EvernoteClipper.exe [2012-8-14 1014624]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Box Edit.lnk - c:\program files (x86)\Box Edit\Box Edit.exe [2012-4-2 459840]
Box Sync.lnk - c:\program files\Box Sync\BoxSync.exe [2012-8-18 8709632]
Secunia PSI Tray.lnk - c:\program files (x86)\Secunia\PSI\psi_tray.exe [2012-7-25 572000]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~3\BROWSE~1\22565~1.25\{16CDF~1\browsemngr.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-disabled]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
"YouCam Mirage"="c:\program files (x86)\CyberLink\YouCam\YCMMirage.exe"
"YouCam Tray"="c:\program files (x86)\CyberLink\YouCam\YouCamTray.exe" /s
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" -atboottime
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
.
R1 aiptektp;Pen Pad;c:\windows\system32\DRIVERS\aiptektp.sys [2007-07-27 29696]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 8704pdateService;Box Sync Auto-updater;c:\program files\Box Sync\UpdateService.exe [2012-08-18 8704]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]
R2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136]
R2 Browser Manager;Browser Manager;c:\programdata\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe [2012-08-16 1697312]
R2 cbVSCService11;Cobian Backup 11 Volume Shadow Copy Requester;c:\program files (x86)\Cobian Backup 11\cbVSCService11.exe [2012-07-31 67584]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-09 116648]
R2 OfficeSvc;Microsoft Office Service;c:\program files\Microsoft Office 15\ClientX64\integratedoffice.exe [2012-07-22 1492080]
R2 PowerSavingUtilityService;PowerSavingUtilityService;c:\program files\Fujitsu\PSUtility\PSUService.exe [2009-07-30 63336]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 ScrybeUpdater;Scrybe Updater;c:\program files (x86)\Synaptics\Scrybe\Service\ScrybeUpdater.exe [2011-05-27 1300264]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2012-07-04 1395736]
R2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe [2012-07-25 1326176]
R2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe [2012-07-25 681056]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-08 160944]
R2 SSPORT;SSPORT;c:\windows\system32\Drivers\SSPORT.sys [2010-06-09 11576]
R2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-07-16 2673064]
R2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2009-10-01 2314240]
R2 UpdateNaviInstallService;UpdateNaviInstallService;c:\program files\Fujitsu\fjdvrupd\updnvsrv.exe [2009-09-30 14336]
R2 VFPRadioSupportService;Bluetooth Feature Support;c:\program files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe [2009-12-24 145840]
R2 WTService;WTService;c:\windows\System32\atwtusb.exe [2009-11-26 665320]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-23 250568]
R3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys [x]
R3 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-09 116648]
R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-02-27 158976]
R3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-08-23 317440]
R3 libusb0;libusb-win32 - Kernel Driver, Version 1.2.4.0;c:\windows\system32\drivers\libusb0.sys [2012-03-02 29184]
R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-14 113120]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-03-21 98688]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-03-27 291696]
R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2012-07-22 5132888]
R3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf.sys [2010-09-01 17976]
R3 qicflt;upper Device Filter Driver;c:\windows\system32\DRIVERS\qicflt.sys [2011-04-08 29800]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2012-03-02 244224]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2012-04-12 708200]
R3 RTL8168;Realtek 8168 NT Driver;c:\windows\system32\DRIVERS\Rt630x64.sys [2012-06-13 683664]
R3 RTLE8023x64;Realtek 10/100/1000 PCI-E NIC Family NDIS XP(x64) Driver;c:\windows\system32\DRIVERS\Rtenic64.sys [2012-05-26 438376]
R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x]
R3 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2012-07-04 1188896]
R3 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2012-03-22 166528]
R3 SmbDrv;SmbDrv;c:\windows\system32\DRIVERS\Smb_driver.sys [2012-02-25 22800]
R3 SmbDrvIntel;SmbDrvIntel;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys [2012-07-06 27960]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-12-27 1255736]
R3 WSDPrintDevice;WSD Print Support via UMB;c:\windows\system32\DRIVERS\WSDPrint.sys [2009-07-14 23040]
R3 WSDScan;WSD Scan Support via UMB;c:\windows\system32\DRIVERS\WSDScan.sys [2009-07-14 25088]
S0 FBIOSDRV;Fujitsu BIOS Driver;c:\windows\System32\Drivers\FBIOSDRV.sys [2009-06-24 21104]
S0 MxEFUF;Matrox Extio Upper Function Filter;c:\windows\system32\DRIVERS\MxEFUF64.sys [2011-10-20 157696]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2009-07-09 55280]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-06-12 283200]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-11 140672]
S3 FUJ02E3;Fujitsu FUJ02E3 Device Driver;c:\windows\system32\drivers\FUJ02E3.sys [2006-11-01 7296]
S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys [2009-09-17 56344]
S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\DRIVERS\LEqdUsb.Sys [2011-09-02 76056]
S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\DRIVERS\LHidEqd.Sys [2011-09-02 15128]
S3 pmkbdfltr;PenMount Keyboard Device Filter Driver;c:\windows\system32\DRIVERS\pmkbdfltr.sys [2012-08-01 18832]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys [2012-07-06 27960]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
Contents of the 'Scheduled Tasks' folder
.
2012-08-23 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-01-06 01:25]
.
2012-08-27 c:\windows\Tasks\GlaryInitialize.job
- c:\program files (x86)\Glary Utilities\initialize.exe [2010-12-27 15:46]
.
2012-08-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-09 05:39]
.
2012-08-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-07-09 05:39]
.
2012-08-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1324127554-2673374786-2514842295-1000Core.job
- c:\users\Seanna\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-22 22:06]
.
2012-08-27 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1324127554-2673374786-2514842295-1000UA.job
- c:\users\Seanna\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-22 22:06]
.
2012-08-21 c:\windows\Tasks\Spybot - Search & Destroy - Scheduled Task.job
- c:\program files (x86)\Spybot - Search & Destroy\SpybotSD.exe [2010-12-27 23:31]
.
2010-12-29 c:\windows\Tasks\Spybot - Search & Destroy Updater - Scheduled Task.job
- c:\program files (x86)\Spybot - Search & Destroy\SDUpdate.exe [2010-12-27 23:31]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
2012-07-29 06:14 2860176 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-08-13 03:49 244672 ----a-w- c:\users\Seanna\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-08-13 03:49 244672 ----a-w- c:\users\Seanna\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-08-13 03:49 244672 ----a-w- c:\users\Seanna\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2012-07-29 06:14 2860176 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2012-07-29 06:14 2860176 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2012-07-29 06:14 2860176 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000BoxDesktopFileLocked]
@="{C253B817-3A00-475f-A5A3-6F2DD704B48D}"
[HKEY_CLASSES_ROOT\CLSID\{C253B817-3A00-475f-A5A3-6F2DD704B48D}]
2010-11-05 01:57 444752 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000BoxDesktopNotSynced]
@="{19ACC806-F7AA-46AA-A80A-726A07CA6637}"
[HKEY_CLASSES_ROOT\CLSID\{19ACC806-F7AA-46AA-A80A-726A07CA6637}]
2010-11-05 01:57 444752 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000BoxDesktopNotSyncedCollabs]
@="{337D9DE0-3F8B-4430-AF0F-FFC24A95AE8F}"
[HKEY_CLASSES_ROOT\CLSID\{337D9DE0-3F8B-4430-AF0F-FFC24A95AE8F}]
2010-11-05 01:57 444752 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000BoxDesktopSynced]
@="{B7AC9C6D-F15B-4B1A-A88D-F518D13861D9}"
[HKEY_CLASSES_ROOT\CLSID\{B7AC9C6D-F15B-4B1A-A88D-F518D13861D9}]
2010-11-05 01:57 444752 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\000BoxDesktopSyncedCollab]
@="{9E48C232-F601-4E41-BB3E-16CBAF317AA4}"
[HKEY_CLASSES_ROOT\CLSID\{9E48C232-F601-4E41-BB3E-16CBAF317AA4}]
2010-11-05 01:57 444752 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 97792 ----a-w- c:\users\Seanna\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 97792 ----a-w- c:\users\Seanna\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 97792 ----a-w- c:\users\Seanna\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2010-10-06 23:36 97792 ----a-w- c:\users\Seanna\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2012-07-20 22:17 755544 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2012-07-20 22:17 755544 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2012-07-20 22:17 755544 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2012-07-20 22:17 755544 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncBackedUp]
@="{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}"
[HKEY_CLASSES_ROOT\CLSID\{0C4A258A-3F3B-4FFF-80A7-9B3BEC139472}]
2012-07-13 05:17 463992 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncPending]
@="{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}"
[HKEY_CLASSES_ROOT\CLSID\{62CCD8E3-9C21-41E1-B55E-1E26DFC68511}]
2012-07-13 05:17 463992 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncRoot]
@="{A759AFF6-5851-457D-A540-F4ECED148351}"
[HKEY_CLASSES_ROOT\CLSID\{A759AFF6-5851-457D-A540-F4ECED148351}]
2012-07-13 05:17 463992 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\SugarSyncShared]
@="{1574C9EF-7D58-488F-B358-8B78C1538F51}"
[HKEY_CLASSES_ROOT\CLSID\{1574C9EF-7D58-488F-B358-8B78C1538F51}]
2012-07-13 05:17 463992 ----a-w- c:\program files (x86)\SugarSync\SugarSyncShellExt_x64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Unattend0000000001{64E719DC-345C-4481-A790-E1BE418BBCCD}"="c:\fujitsu\ClickMe\LogonCommands\gexc.exe" [2009-08-11 497264]
"LoadFujitsuQuickTouch"="c:\program files\Fujitsu\Application Panel\QuickTouch.exe" [2009-10-16 157544]
"LoadBtnHnd"="c:\program files\Fujitsu\Application Panel\BtnHnd.exe" [2009-10-16 35176]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-04-24 12480616]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-01-11 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-01-11 392984]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-01-11 417560]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2010-11-04 1580368]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-10-07 1744152]
"FJUPDNV_Chitose"="c:\program files\Fujitsu\fjdvrupd\updatenv.exe" [2010-01-13 157184]
"MacroKeyManager"="WTMKM.exe" [2009-08-11 5634792]
"BoxSyncHelper"="c:\program files\Box Sync\BoxSyncHelper.exe" [2012-08-18 393216]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-03-27 1271168]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://solutions.us.fujitsu.com/
mStart Page =
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local;127.0.0.1:9421;<local>
IE: Add to Evernote 4.0 - c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204
IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Free YouTube Download - c:\users\Seanna\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - c:\users\Seanna\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
Trusted Zone: samsungsetup.com\www
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - c:\program files\Microsoft Office 15\root\office15\msosb.dll
FF - ProfilePath - c:\users\Seanna\AppData\Roaming\Mozilla\Firefox\Profiles\6l9w25a9.default\
FF - prefs.js: browser.search.selectedEngine - Search the web (Babylon)
FF - prefs.js: browser.startup.homepage - hxxp://search.babylon.com/?affID=112049&tt=140812_bandext_3312_8&babsrc=HP_ss&mntrId=4605c9af0000000000002ae400fb47fc
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Akamai]
"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_4f7fccd.dll"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2012-08-27 10:31:54
ComboFix-quarantined-files.txt 2012-08-27 17:31
.
Pre-Run: 82,377,498,624 bytes free
Post-Run: 82,061,455,360 bytes free
.
- - End Of File - - 2D52DBB4E155881921F58E798E680E4F

The computer is still as slow to start up as before, but I did forget to mention that Windows Update doesn't work or hasn't been working, and some of those updates include a Windows 7 Security Update. Firefox still has Babylon as its front homepage, and there is still a window with a white screen popping up on startup that I'm not sure what it is. Even Google Chrome is slower to start up than before this all happened. Thanks for your time and help.

Edited by strawbaerie, 27 August 2012 - 01:03 PM.


#4 gringo_pr

  • Malware Response Team

Posted 27 August 2012 - 01:42 PM

Greetings

I want you to run these next:

TDSSKiller:

Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Please download aswMBR to your desktop.
  • Double-click the aswMBR.exe icon to run it.
  • It will ask to download extra definitions - ALLOW IT
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.

If you have any problems running either one, come back and let me know.

Please reply with the reports from TDSSKiller and aswMBR.

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic




Proud Graduate Of Malware Removal University

#5 strawbaerie

  • Topic Starter

Posted 27 August 2012 - 06:37 PM

Here is the tdsskiller report:

13:27:38.0180 1972 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
13:27:39.0085 1972 ============================================================
13:27:39.0085 1972 Current date / time: 2012/08/27 13:27:39.0085
13:27:39.0085 1972 SystemInfo:
13:27:39.0085 1972
13:27:39.0085 1972 OS Version: 6.1.7601 ServicePack: 1.0
13:27:39.0085 1972 Product type: Workstation
13:27:39.0085 1972 ComputerName: MICKY
13:27:39.0085 1972 UserName: Seanna
13:27:39.0085 1972 Windows directory: C:\windows
13:27:39.0085 1972 System windows directory: C:\windows
13:27:39.0085 1972 Running under WOW64
13:27:39.0085 1972 Processor architecture: Intel x64
13:27:39.0085 1972 Number of processors: 4
13:27:39.0085 1972 Page size: 0x1000
13:27:39.0085 1972 Boot type: Normal boot
13:27:39.0085 1972 ============================================================
13:27:42.0189 1972 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:27:42.0205 1972 ============================================================
13:27:42.0205 1972 \Device\Harddisk0\DR0:
13:27:42.0205 1972 MBR partitions:
13:27:42.0205 1972 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2000800, BlocksNum 0x64000
13:27:42.0205 1972 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2064800, BlocksNum 0x1C191000
13:27:42.0205 1972 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1E1F5800, BlocksNum 0x1C190000
13:27:42.0205 1972 ============================================================
13:27:42.0377 1972 C: <-> \Device\Harddisk0\DR0\Partition2
13:27:42.0735 1972 D: <-> \Device\Harddisk0\DR0\Partition3
13:27:42.0735 1972 ============================================================
13:27:42.0735 1972 Initialize success
13:27:42.0735 1972 ============================================================
13:27:44.0171 0900 ============================================================
13:27:44.0171 0900 Scan started
13:27:44.0171 0900 Mode: Manual;
13:27:44.0171 0900 ============================================================
13:27:45.0606 0900 ================ Scan system memory ========================
13:27:45.0606 0900 System memory - ok
13:27:45.0621 0900 ================ Scan services =============================
13:27:46.0089 0900 [ 7D9D615201A483D6FA99491C2E655A5A ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
13:27:46.0089 0900 !SASCORE - ok
13:27:47.0306 0900 [ EC39F1D7AEE1F9C5ED803283196F8691 ] #UpdateService C:\Program Files\Box Sync\UpdateService.exe
13:27:47.0306 0900 #UpdateService - ok
13:27:47.0681 0900 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
13:27:47.0681 0900 1394ohci - ok
13:27:47.0774 0900 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\windows\system32\drivers\ACPI.sys
13:27:47.0774 0900 ACPI - ok
13:27:47.0806 0900 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
13:27:47.0821 0900 AcpiPmi - ok
13:27:48.0554 0900 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
13:27:48.0554 0900 AdobeARMservice - ok
13:27:49.0085 0900 [ B2B64AF436FACCFA854DD397027C5360 ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
13:27:49.0100 0900 AdobeFlashPlayerUpdateSvc - ok
13:27:49.0648 0900 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\windows\system32\drivers\adp94xx.sys
13:27:49.0648 0900 adp94xx - ok
13:27:49.0742 0900 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\windows\system32\drivers\adpahci.sys
13:27:49.0742 0900 adpahci - ok
13:27:49.0992 0900 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\windows\system32\drivers\adpu320.sys
13:27:50.0007 0900 adpu320 - ok
13:27:50.0085 0900 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
13:27:50.0085 0900 AeLookupSvc - ok
13:27:50.0290 0900 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\windows\system32\drivers\afd.sys
13:27:50.0300 0900 AFD - ok
13:27:50.0540 0900 [ 98022774D9930ECBB292E70DB7601DF6 ] AgereSoftModem C:\windows\system32\DRIVERS\agrsm64.sys
13:27:50.0550 0900 AgereSoftModem - ok
13:27:50.0691 0900 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\windows\system32\drivers\agp440.sys
13:27:50.0691 0900 agp440 - ok
13:27:50.0784 0900 [ C74E17A274E4DF797D743B500582906A ] aiptektp C:\windows\system32\DRIVERS\aiptektp.sys
13:27:50.0784 0900 aiptektp - ok
13:27:51.0861 0900 [ 29584F02A43E427C4227E3B1D9FF1B22 ] Akamai c:\program files (x86)\common files\akamai/netsession_win_4f7fccd.dll
13:27:51.0861 0900 Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_4f7fccd.dll. md5: 29584F02A43E427C4227E3B1D9FF1B22
13:27:51.0876 0900 Akamai ( HiddenFile.Multi.Generic ) - warning
13:27:51.0876 0900 Akamai - detected HiddenFile.Multi.Generic (1)
13:27:56.0137 0900 [ 7786D462B7FFBBA83210D818FCBD12A9 ] Browser Manager C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
13:27:56.0152 0900 Browser Manager - ok
13:28:13.0515 0900 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\windows\System32\pcasvc.dll
13:28:13.0531 0900 PcaSvc - ok
13:28:13.0609 0900 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\windows\system32\drivers\pci.sys
13:28:13.0609 0900 pci - ok
13:28:13.0671 0900 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\windows\system32\drivers\pciide.sys
13:28:13.0671 0900 pciide - ok
13:28:13.0749 0900 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\windows\system32\drivers\pcmcia.sys
13:28:13.0749 0900 pcmcia - ok
13:28:13.0827 0900 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\windows\system32\drivers\pcw.sys
13:28:13.0827 0900 pcw - ok
13:28:13.0921 0900 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\windows\system32\drivers\peauth.sys
13:28:13.0936 0900 PEAUTH - ok
13:28:14.0123 0900 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\windows\SysWow64\perfhost.exe
13:28:14.0123 0900 PerfHost - ok
13:28:14.0295 0900 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\windows\system32\pla.dll
13:28:14.0326 0900 pla - ok
13:28:14.0435 0900 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\windows\system32\umpnpmgr.dll
13:28:14.0451 0900 PlugPlay - ok
13:28:14.0607 0900 [ BDEA03A01DD58FF120C9D757A28DAA8B ] pmkbdfltr C:\windows\system32\DRIVERS\pmkbdfltr.sys
13:28:14.0607 0900 pmkbdfltr - ok
13:28:14.0732 0900 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
13:28:14.0732 0900 PNRPAutoReg - ok
13:28:14.0779 0900 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\windows\system32\pnrpsvc.dll
13:28:14.0794 0900 PNRPsvc - ok
13:28:14.0841 0900 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
13:28:14.0857 0900 PolicyAgent - ok
13:28:14.0935 0900 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\windows\system32\umpo.dll
13:28:14.0950 0900 Power - ok
13:28:15.0091 0900 [ 843BA5F09A391D52AC1F8486C5FC3D4F ] PowerSavingUtilityService C:\Program Files\Fujitsu\PSUtility\PSUService.exe
13:28:15.0091 0900 PowerSavingUtilityService - ok
13:28:15.0169 0900 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
13:28:15.0184 0900 PptpMiniport - ok
13:28:15.0231 0900 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\windows\system32\drivers\processr.sys
13:28:15.0231 0900 Processor - ok
13:28:15.0293 0900 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\windows\system32\profsvc.dll
13:28:15.0309 0900 ProfSvc - ok
13:28:15.0340 0900 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\windows\system32\lsass.exe
13:28:15.0340 0900 ProtectedStorage - ok
13:28:15.0418 0900 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\windows\system32\DRIVERS\pacer.sys
13:28:15.0418 0900 Psched - ok
13:28:15.0512 0900 [ FB46E9A827A8799EBD7BFA9128C91F37 ] PSI C:\windows\system32\DRIVERS\psi_mf.sys
13:28:15.0512 0900 PSI - ok
13:28:15.0559 0900 [ 4712CC14E720ECCCC0AA16949D18AAF1 ] PxHlpa64 C:\windows\system32\Drivers\PxHlpa64.sys
13:28:15.0559 0900 PxHlpa64 - ok
13:28:15.0652 0900 [ A73512132ECB2CD721E163ABCEAC359F ] qicflt C:\windows\system32\DRIVERS\qicflt.sys
13:28:15.0652 0900 qicflt - ok
13:28:15.0808 0900 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\windows\system32\drivers\ql2300.sys
13:28:15.0824 0900 ql2300 - ok
13:28:15.0886 0900 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\windows\system32\drivers\ql40xx.sys
13:28:15.0886 0900 ql40xx - ok
13:28:15.0949 0900 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\windows\system32\qwave.dll
13:28:15.0949 0900 QWAVE - ok
13:28:16.0058 0900 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
13:28:16.0058 0900 QWAVEdrv - ok
13:28:16.0089 0900 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
13:28:16.0105 0900 RasAcd - ok
13:28:16.0151 0900 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
13:28:16.0167 0900 RasAgileVpn - ok
13:28:16.0214 0900 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\windows\System32\rasauto.dll
13:28:16.0214 0900 RasAuto - ok
13:28:16.0276 0900 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
13:28:16.0276 0900 Rasl2tp - ok
13:28:16.0526 0900 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\windows\System32\rasmans.dll
13:28:16.0541 0900 RasMan - ok
13:28:16.0588 0900 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
13:28:16.0588 0900 RasPppoe - ok
13:28:16.0651 0900 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
13:28:16.0651 0900 RasSstp - ok
13:28:16.0713 0900 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
13:28:16.0713 0900 rdbss - ok
13:28:16.0838 0900 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\windows\system32\drivers\rdpbus.sys
13:28:16.0838 0900 rdpbus - ok
13:28:16.0869 0900 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
13:28:16.0869 0900 RDPCDD - ok
13:28:16.0916 0900 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
13:28:16.0916 0900 RDPENCDD - ok
13:28:17.0009 0900 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
13:28:17.0009 0900 RDPREFMP - ok
13:28:17.0056 0900 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\windows\system32\drivers\RDPWD.sys
13:28:17.0056 0900 RDPWD - ok
13:28:17.0119 0900 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\windows\system32\drivers\rdyboost.sys
13:28:17.0119 0900 rdyboost - ok
13:28:17.0197 0900 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\windows\System32\mprdim.dll
13:28:17.0197 0900 RemoteAccess - ok
13:28:17.0259 0900 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\windows\system32\regsvc.dll
13:28:17.0259 0900 RemoteRegistry - ok
13:28:17.0321 0900 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys
13:28:17.0321 0900 RFCOMM - ok
13:28:17.0353 0900 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
13:28:17.0353 0900 RpcEptMapper - ok
13:28:17.0415 0900 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\windows\system32\locator.exe
13:28:17.0415 0900 RpcLocator - ok
13:28:17.0493 0900 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\windows\System32\rpcss.dll
13:28:17.0509 0900 RpcSs - ok
13:28:17.0571 0900 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
13:28:17.0571 0900 rspndr - ok
13:28:17.0696 0900 [ 2B12B0B32BA058F1DF2706E8FD7DBEBB ] RSUSBSTOR C:\windows\system32\Drivers\RtsUStor.sys
13:28:17.0696 0900 RSUSBSTOR - ok
13:28:17.0774 0900 [ BD9BA262CF26EFE9A9867EBE32D12164 ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys
13:28:17.0789 0900 RTL8167 - ok
13:28:17.0867 0900 [ 7D9DA8EC6784A9EE213C676709D46BE6 ] RTL8168 C:\windows\system32\DRIVERS\Rt630x64.sys
13:28:17.0883 0900 RTL8168 - ok
13:28:17.0992 0900 [ 573B3EB59948A23C5FBAD48D90056817 ] RTLE8023x64 C:\windows\system32\DRIVERS\Rtenic64.sys
13:28:17.0992 0900 RTLE8023x64 - ok
13:28:18.0008 0900 RtsUIR - ok
13:28:18.0055 0900 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\windows\system32\lsass.exe
13:28:18.0055 0900 SamSs - ok
13:28:18.0179 0900 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
13:28:18.0179 0900 SASDIFSV - ok
13:28:18.0257 0900 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
13:28:18.0257 0900 SASKUTIL - ok
13:28:18.0289 0900 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\windows\system32\drivers\sbp2port.sys
13:28:18.0289 0900 sbp2port - ok
13:28:18.0445 0900 [ 794D4B48DFB6E999537C7C3947863463 ] SBSDWSCService C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
13:28:18.0507 0900 SBSDWSCService - ok
13:28:18.0647 0900 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\windows\System32\SCardSvr.dll
13:28:18.0647 0900 SCardSvr - ok
13:28:18.0710 0900 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
13:28:18.0710 0900 scfilter - ok
13:28:18.0788 0900 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\windows\system32\schedsvc.dll
13:28:18.0819 0900 Schedule - ok
13:28:18.0881 0900 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\windows\System32\certprop.dll
13:28:18.0881 0900 SCPolicySvc - ok
13:28:19.0287 0900 [ B60E9769655DDEE8368E3ABB6668E076 ] ScrybeUpdater C:\Program Files (x86)\Synaptics\Scrybe\Service\ScrybeUpdater.exe
13:28:19.0303 0900 ScrybeUpdater - ok
13:28:19.0396 0900 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\windows\System32\SDRSVC.dll
13:28:19.0412 0900 SDRSVC - ok
13:28:19.0568 0900 [ 43D29ECB8137EEAE30B0970BBC7A5500 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
13:28:19.0583 0900 SDScannerService - ok
13:28:19.0677 0900 [ 6B859B122E85C2C833E6D8C5DC4B07F3 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
13:28:19.0693 0900 SDUpdateService - ok
13:28:19.0755 0900 [ 59DCE6783F9ED27EB72C81466E363BF8 ] SDWSCService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
13:28:19.0771 0900 SDWSCService - ok
13:28:19.0802 0900 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\windows\system32\drivers\secdrv.sys
13:28:19.0802 0900 secdrv - ok
13:28:19.0864 0900 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\windows\system32\seclogon.dll
13:28:19.0880 0900 seclogon - ok
13:28:20.0036 0900 [ 9044795E9D1A912D5F1B8DF6211850FD ] Secunia PSI Agent C:\Program Files (x86)\Secunia\PSI\PSIA.exe
13:28:20.0067 0900 Secunia PSI Agent - ok
13:28:20.0192 0900 [ 8B1A72E4FB63A9C068B08E1F9B70482A ] Secunia Update Agent C:\Program Files (x86)\Secunia\PSI\sua.exe
13:28:20.0254 0900 Secunia Update Agent - ok
13:28:20.0332 0900 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\windows\system32\sens.dll
13:28:20.0348 0900 SENS - ok
13:28:20.0379 0900 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\windows\system32\sensrsvc.dll
13:28:20.0395 0900 SensrSvc - ok
13:28:20.0519 0900 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\windows\system32\drivers\serenum.sys
13:28:20.0519 0900 Serenum - ok
13:28:20.0597 0900 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\windows\system32\drivers\serial.sys
13:28:20.0597 0900 Serial - ok
13:28:20.0707 0900 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\windows\system32\drivers\sermouse.sys
13:28:20.0707 0900 sermouse - ok
13:28:20.0816 0900 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\windows\system32\sessenv.dll
13:28:20.0831 0900 SessionEnv - ok
13:28:20.0878 0900 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\windows\system32\drivers\sffdisk.sys
13:28:20.0878 0900 sffdisk - ok
13:28:20.0925 0900 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
13:28:20.0925 0900 sffp_mmc - ok
13:28:21.0019 0900 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
13:28:21.0019 0900 sffp_sd - ok
13:28:21.0081 0900 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\windows\system32\drivers\sfloppy.sys
13:28:21.0081 0900 sfloppy - ok
13:28:21.0175 0900 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\windows\System32\ipnathlp.dll
13:28:21.0190 0900 SharedAccess - ok
13:28:21.0315 0900 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\windows\System32\shsvcs.dll
13:28:21.0331 0900 ShellHWDetection - ok
13:28:21.0424 0900 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys
13:28:21.0440 0900 SiSRaid2 - ok
13:28:21.0502 0900 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys
13:28:21.0518 0900 SiSRaid4 - ok
13:28:21.0580 0900 [ DDAA5F4A6B958FC313EBD02DD925752F ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
13:28:21.0580 0900 SkypeUpdate - ok
13:28:21.0643 0900 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\windows\system32\DRIVERS\smb.sys
13:28:21.0658 0900 Smb - ok
13:28:21.0752 0900 [ 20C99358D42DB9585A21BF3BC27FC9BC ] SmbDrv C:\windows\system32\DRIVERS\Smb_driver.sys
13:28:21.0752 0900 SmbDrv - ok
13:28:21.0861 0900 [ 8B4B5E4C0382D7ECBB48DC989AE20FA6 ] SmbDrvI C:\windows\system32\DRIVERS\Smb_driver_Intel.sys
13:28:21.0861 0900 SmbDrvI - ok
13:28:21.0877 0900 [ 8B4B5E4C0382D7ECBB48DC989AE20FA6 ] SmbDrvIntel C:\windows\system32\DRIVERS\Smb_driver_Intel.sys
13:28:21.0877 0900 SmbDrvIntel - ok
13:28:21.0970 0900 [ 3B47F81C3C3B4742221A5391EF8D499D ] smbusp C:\windows\system32\DRIVERS\intelsmb.sys
13:28:21.0970 0900 smbusp - ok
13:28:22.0079 0900 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\windows\System32\snmptrap.exe
13:28:22.0095 0900 SNMPTRAP - ok
13:28:22.0157 0900 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\windows\system32\drivers\spldr.sys
13:28:22.0157 0900 spldr - ok
13:28:22.0329 0900 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\windows\System32\spoolsv.exe
13:28:22.0345 0900 Spooler - ok
13:28:22.0922 0900 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\windows\system32\sppsvc.exe
13:28:23.0015 0900 sppsvc - ok
13:28:23.0468 0900 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\windows\system32\sppuinotify.dll
13:28:23.0530 0900 sppuinotify - ok
13:28:24.0124 0900 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\windows\system32\DRIVERS\srv.sys
13:28:24.0186 0900 srv - ok
13:28:24.0374 0900 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
13:28:24.0389 0900 srv2 - ok
13:28:24.0420 0900 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
13:28:24.0436 0900 srvnet - ok
13:28:24.0514 0900 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
13:28:24.0530 0900 SSDPSRV - ok
13:28:24.0654 0900 [ 0211AB46B73A2623B86C1CFCB30579AB ] SSPORT C:\windows\system32\Drivers\SSPORT.sys
13:28:24.0686 0900 SSPORT - ok
13:28:24.0873 0900 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\windows\system32\sstpsvc.dll
13:28:24.0873 0900 SstpSvc - ok
13:28:24.0998 0900 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\windows\system32\drivers\stexstor.sys
13:28:24.0998 0900 stexstor - ok
13:28:25.0294 0900 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\windows\System32\wiaservc.dll
13:28:25.0325 0900 stisvc - ok
13:28:25.0403 0900 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\windows\system32\drivers\swenum.sys
13:28:25.0419 0900 swenum - ok
13:28:25.0856 0900 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\windows\System32\swprv.dll
13:28:26.0012 0900 swprv - ok
13:28:26.0885 0900 [ 8DF6C536ECE3B538978B53C223AB905D ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
13:28:26.0963 0900 SynTP - ok
13:28:27.0353 0900 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\windows\system32\sysmain.dll
13:28:27.0431 0900 SysMain - ok
13:28:27.0650 0900 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\windows\System32\TabSvc.dll
13:28:27.0650 0900 TabletInputService - ok
13:28:27.0915 0900 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\windows\System32\tapisrv.dll
13:28:27.0993 0900 TapiSrv - ok
13:28:28.0258 0900 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\windows\System32\tbssvc.dll
13:28:28.0274 0900 TBS - ok
13:28:28.0710 0900 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\windows\system32\drivers\tcpip.sys
13:28:28.0898 0900 Tcpip - ok
13:28:29.0303 0900 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
13:28:29.0334 0900 TCPIP6 - ok
13:28:29.0459 0900 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
13:28:29.0459 0900 tcpipreg - ok
13:28:29.0600 0900 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
13:28:29.0600 0900 TDPIPE - ok
13:28:29.0834 0900 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
13:28:29.0834 0900 TDTCP - ok
13:28:29.0990 0900 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\windows\system32\DRIVERS\tdx.sys
13:28:29.0990 0900 tdx - ok
13:28:31.0862 0900 [ 2BBB318EA9F34FDC508CEA4AAB98D770 ] TeamViewer7 C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
13:28:31.0955 0900 TeamViewer7 - ok
13:28:32.0080 0900 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\windows\system32\drivers\termdd.sys
13:28:32.0080 0900 TermDD - ok
13:28:32.0657 0900 [ 2E648163254233755035B46DD7B89123 ] TermService C:\windows\System32\termsrv.dll
13:28:32.0720 0900 TermService - ok
13:28:32.0782 0900 [ F0344071948D1A1FA732231785A0664C ] Themes C:\windows\system32\themeservice.dll
13:28:32.0782 0900 Themes - ok
13:28:32.0860 0900 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\windows\system32\mmcss.dll
13:28:32.0860 0900 THREADORDER - ok
13:28:33.0063 0900 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\windows\System32\trkwks.dll
13:28:33.0078 0900 TrkWks - ok
13:28:33.0515 0900 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
13:28:33.0515 0900 TrustedInstaller - ok
13:28:33.0890 0900 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
13:28:33.0890 0900 tssecsrv - ok
13:28:34.0342 0900 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
13:28:34.0342 0900 TsUsbFlt - ok
13:28:34.0420 0900 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
13:28:34.0420 0900 tunnel - ok
13:28:34.0732 0900 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\windows\system32\drivers\uagp35.sys
13:28:34.0732 0900 uagp35 - ok
13:28:34.0950 0900 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\windows\system32\DRIVERS\udfs.sys
13:28:34.0982 0900 udfs - ok
13:28:35.0091 0900 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\windows\system32\UI0Detect.exe
13:28:35.0106 0900 UI0Detect - ok
13:28:35.0153 0900 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
13:28:35.0153 0900 uliagpkx - ok
13:28:35.0638 0900 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\windows\system32\DRIVERS\umbus.sys
13:28:35.0664 0900 umbus - ok
13:28:35.0947 0900 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\windows\system32\drivers\umpass.sys
13:28:35.0950 0900 UmPass - ok
13:28:36.0949 0900 [ 41118D920B2B268C0ADC36421248CDCF ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
13:28:36.0980 0900 UNS - ok
13:28:37.0469 0900 [ CF118B88F01B5431F889210FCA4E7364 ] UpdateNaviInstallService C:\Program Files\Fujitsu\fjdvrupd\updnvsrv.exe
13:28:37.0470 0900 UpdateNaviInstallService - ok
13:28:37.0617 0900 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\windows\System32\upnphost.dll
13:28:37.0631 0900 upnphost - ok
13:28:38.0192 0900 [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64 C:\windows\system32\Drivers\usbaapl64.sys
13:28:38.0239 0900 USBAAPL64 - ok
13:28:38.0442 0900 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\windows\system32\drivers\usbaudio.sys
13:28:38.0442 0900 usbaudio - ok
13:28:38.0754 0900 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
13:28:38.0754 0900 usbccgp - ok
13:28:38.0785 0900 USBCCID - ok
13:28:39.0253 0900 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\windows\system32\drivers\usbcir.sys
13:28:39.0253 0900 usbcir - ok
13:28:39.0362 0900 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\windows\system32\drivers\usbehci.sys
13:28:39.0362 0900 usbehci - ok
13:28:39.0689 0900 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
13:28:39.0734 0900 usbhub - ok
13:28:39.0940 0900 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\windows\system32\drivers\usbohci.sys
13:28:39.0942 0900 usbohci - ok
13:28:40.0073 0900 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
13:28:40.0075 0900 usbprint - ok
13:28:40.0166 0900 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\windows\system32\DRIVERS\usbscan.sys
13:28:40.0168 0900 usbscan - ok
13:28:40.0273 0900 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
13:28:40.0276 0900 USBSTOR - ok
13:28:40.0349 0900 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\windows\system32\drivers\usbuhci.sys
13:28:40.0351 0900 usbuhci - ok
13:28:40.0470 0900 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\windows\system32\Drivers\usbvideo.sys
13:28:40.0474 0900 usbvideo - ok
13:28:40.0860 0900 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\windows\System32\uxsms.dll
13:28:40.0875 0900 UxSms - ok
13:28:40.0927 0900 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\windows\system32\lsass.exe
13:28:40.0930 0900 VaultSvc - ok
13:28:41.0012 0900 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
13:28:41.0014 0900 vdrvroot - ok
13:28:41.0193 0900 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\windows\System32\vds.exe
13:28:41.0211 0900 vds - ok
13:28:41.0375 0900 [ D9656445499625B0ED88C0B203F3C16F ] VFPRadioSupportService C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe
13:28:41.0378 0900 VFPRadioSupportService - ok
13:28:41.0450 0900 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\windows\system32\DRIVERS\vgapnp.sys
13:28:41.0452 0900 vga - ok
13:28:41.0504 0900 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\windows\System32\drivers\vga.sys
13:28:41.0506 0900 VgaSave - ok
13:28:41.0664 0900 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\windows\system32\drivers\vhdmp.sys
13:28:41.0668 0900 vhdmp - ok
13:28:41.0740 0900 [ C2C95D62C90CA809240112B41C1765F2 ] vhidmini C:\windows\system32\DRIVERS\walvhid.sys
13:28:41.0750 0900 vhidmini - ok
13:28:41.0850 0900 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\windows\system32\drivers\viaide.sys
13:28:41.0852 0900 viaide - ok
13:28:41.0922 0900 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\windows\system32\drivers\volmgr.sys
13:28:41.0929 0900 volmgr - ok
13:28:42.0032 0900 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\windows\system32\drivers\volmgrx.sys
13:28:42.0221 0900 volmgrx - ok
13:28:42.0454 0900 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\windows\system32\drivers\volsnap.sys
13:28:42.0461 0900 volsnap - ok
13:28:42.0786 0900 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\windows\system32\drivers\vsmraid.sys
13:28:42.0786 0900 vsmraid - ok
13:28:43.0238 0900 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\windows\system32\vssvc.exe
13:28:43.0457 0900 VSS - ok
13:28:43.0644 0900 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
13:28:43.0644 0900 vwifibus - ok
13:28:43.0722 0900 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
13:28:43.0753 0900 vwififlt - ok
13:28:43.0862 0900 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
13:28:43.0862 0900 vwifimp - ok
13:28:43.0940 0900 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\windows\system32\w32time.dll
13:28:43.0956 0900 W32Time - ok
13:28:44.0205 0900 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\windows\system32\drivers\wacompen.sys
13:28:44.0205 0900 WacomPen - ok
13:28:44.0595 0900 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
13:28:44.0673 0900 WANARP - ok
13:28:44.0705 0900 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
13:28:44.0705 0900 Wanarpv6 - ok
13:28:44.0845 0900 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
13:28:44.0876 0900 WatAdminSvc - ok
13:28:45.0095 0900 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\windows\system32\wbengine.exe
13:28:45.0157 0900 wbengine - ok
13:28:45.0219 0900 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\windows\System32\wbiosrvc.dll
13:28:45.0235 0900 WbioSrvc - ok
13:28:45.0313 0900 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\windows\System32\wcncsvc.dll
13:28:45.0375 0900 wcncsvc - ok
13:28:45.0438 0900 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
13:28:45.0453 0900 WcsPlugInService - ok
13:28:45.0531 0900 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\windows\system32\drivers\wd.sys
13:28:45.0578 0900 Wd - ok
13:28:45.0781 0900 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
13:28:45.0968 0900 Wdf01000 - ok
13:28:46.0093 0900 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\windows\system32\wdi.dll
13:28:46.0093 0900 WdiServiceHost - ok
13:28:46.0140 0900 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\windows\system32\wdi.dll
13:28:46.0140 0900 WdiSystemHost - ok
13:28:46.0233 0900 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\windows\System32\webclnt.dll
13:28:46.0233 0900 WebClient - ok
13:28:46.0358 0900 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\windows\system32\wecsvc.dll
13:28:46.0374 0900 Wecsvc - ok
13:28:46.0467 0900 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\windows\System32\wercplsupport.dll
13:28:46.0467 0900 wercplsupport - ok
13:28:46.0514 0900 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\windows\System32\WerSvc.dll
13:28:46.0530 0900 WerSvc - ok
13:28:46.0561 0900 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
13:28:46.0561 0900 WfpLwf - ok
13:28:46.0623 0900 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\windows\system32\drivers\wimmount.sys
13:28:46.0623 0900 WIMMount - ok
13:28:46.0686 0900 WinDefend - ok
13:28:46.0764 0900 WinHttpAutoProxySvc - ok
13:28:46.0873 0900 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
13:28:46.0873 0900 Winmgmt - ok
13:28:47.0341 0900 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\windows\system32\WsmSvc.dll
13:28:47.0544 0900 WinRM - ok
13:28:47.0669 0900 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
13:28:47.0669 0900 WinUsb - ok
13:28:47.0871 0900 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\windows\System32\wlansvc.dll
13:28:47.0887 0900 Wlansvc - ok
13:28:48.0480 0900 [ 357CABBF155AFD1D3926E62539D2A3A7 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
13:28:48.0558 0900 wlidsvc - ok
13:28:48.0729 0900 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
13:28:48.0745 0900 WmiAcpi - ok
13:28:48.0979 0900 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
13:28:48.0979 0900 wmiApSrv - ok
13:28:49.0073 0900 WMPNetworkSvc - ok
13:28:49.0166 0900 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\windows\System32\wpcsvc.dll
13:28:49.0213 0900 WPCSvc - ok
13:28:49.0307 0900 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
13:28:49.0322 0900 WPDBusEnum - ok
13:28:49.0385 0900 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
13:28:49.0400 0900 ws2ifsl - ok
13:28:49.0494 0900 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\windows\system32\wscsvc.dll
13:28:49.0509 0900 wscsvc - ok
13:28:49.0587 0900 [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice C:\windows\system32\DRIVERS\WSDPrint.sys
13:28:49.0587 0900 WSDPrintDevice - ok
13:28:49.0650 0900 [ 4A2A5C50DD1A63577D3ACA94269FBC7F ] WSDScan C:\windows\system32\DRIVERS\WSDScan.sys
13:28:49.0650 0900 WSDScan - ok
13:28:49.0681 0900 WSearch - ok
13:28:49.0790 0900 WTService - ok
13:28:50.0196 0900 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\windows\system32\wuaueng.dll
13:28:50.0274 0900 wuauserv - ok
13:28:50.0742 0900 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\windows\system32\drivers\WudfPf.sys
13:28:50.0742 0900 WudfPf - ok
13:28:50.0804 0900 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
13:28:50.0820 0900 WUDFRd - ok
13:28:50.0898 0900 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\windows\System32\WUDFSvc.dll
13:28:50.0913 0900 wudfsvc - ok
13:28:50.0976 0900 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\windows\System32\wwansvc.dll
13:28:50.0991 0900 WwanSvc - ok
13:28:51.0101 0900 ================ Scan global ===============================
13:28:51.0288 0900 [ BA0CD8C393E8C9F83354106093832C7B ] C:\windows\system32\basesrv.dll
13:28:51.0475 0900 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\windows\system32\winsrv.dll
13:28:51.0491 0900 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\windows\system32\winsrv.dll
13:28:51.0584 0900 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\windows\system32\sxssrv.dll
13:28:51.0615 0900 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\windows\system32\services.exe
13:28:51.0631 0900 [Global] - ok
13:28:51.0631 0900 ================ Scan MBR ==================================
13:28:51.0647 0900 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
13:28:52.0442 0900 \Device\Harddisk0\DR0 - ok
13:28:52.0442 0900 ================ Scan VBR ==================================
13:28:52.0473 0900 [ E273B2E2A726B9D7BF7E3CDB70571077 ] \Device\Harddisk0\DR0\Partition1
13:28:52.0473 0900 \Device\Harddisk0\DR0\Partition1 - ok
13:28:52.0551 0900 [ 259E296025DDA5FC8EE1B95B19AD74D8 ] \Device\Harddisk0\DR0\Partition2
13:28:52.0551 0900 \Device\Harddisk0\DR0\Partition2 - ok
13:28:52.0598 0900 [ 5BD6EC8D4ADFB11114C829D506423F09 ] \Device\Harddisk0\DR0\Partition3
13:28:52.0598 0900 \Device\Harddisk0\DR0\Partition3 - ok
13:28:52.0598 0900 ============================================================
13:28:52.0598 0900 Scan finished
13:28:52.0598 0900 ============================================================
13:28:52.0614 6344 Detected object count: 1
13:28:52.0614 6344 Actual detected object count: 1
13:30:10.0491 6344 Akamai ( HiddenFile.Multi.Generic ) - skipped by user
13:30:10.0491 6344 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip

I tried running aswMBR twice, but it came up with a blue screen of death both times, each one different. I couldn't really catch the full message, but one came up with this message:
Problem signature:
Problem Event Name: BlueScreen
OS Version: 6.1.7601.2.1.0.768.3
Locale ID: 1033

Additional information about the problem:
BCCode: d1
BCP1: 0000000000BFE824
BCP2: 0000000000000002
BCP3: 0000000000000000
BCP4: FFFFF880010ACCE4
OS Version: 6_1_7601
Service Pack: 1_0
Product: 768_1

Files that help describe the problem:
C:\Windows\Minidump\082712-23758-01.dmp
C:\Users\Seanna\AppData\Local\Temp\WER-80496-0.sysdata.xml

Read our privacy statement online:
http://go.microsoft.com/fwlink/?linkid=104288&clcid=0x0409

If the online privacy statement is not available, please read our privacy statement offline:
C:\windows\system32\en-US\erofflps.txt

after it restarted and the other message was lost.

#6 strawbaerie

Posted 27 August 2012 - 11:04 PM

Here's the aswMBR log run in safe mode:

aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-27 17:10:36
-----------------------------
17:10:36.265 OS Version: Windows x64 6.1.7601 Service Pack 1
17:10:36.265 Number of processors: 4 586 0x2502
17:10:36.265 ComputerName: MICKY UserName:
17:10:37.217 Initialize success
17:10:48.542 AVAST engine defs: 12082700
17:10:58.136 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
17:10:58.136 Disk 0 Vendor: WDC_WD50 01.0 Size: 476940MB BusType: 3
17:10:58.152 Disk 0 MBR read successfully
17:10:58.152 Disk 0 MBR scan
17:10:58.152 Disk 0 Windows 7 default MBR code
17:10:58.168 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 16384 MB offset 2048
17:10:58.214 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 200 MB offset 33556480
17:10:58.230 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 230178 MB offset 33966080
17:10:58.246 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 230176 MB offset 505370624
17:10:58.292 Disk 0 scanning C:\windows\system32\drivers
17:11:11.116 Service scanning
17:11:46.263 Modules scanning
17:11:46.263 Disk 0 trace - called modules:
17:11:46.309 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
17:11:46.309 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004bbd790]
17:11:46.309 3 CLASSPNP.SYS[fffff88001da143f] -> nt!IofCallDriver -> [0xfffffa80048c4640]
17:11:46.325 5 ACPI.sys[fffff88000f537a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004948050]
17:11:47.791 AVAST engine scan C:\windows
17:11:51.629 AVAST engine scan C:\windows\system32
17:15:34.179 AVAST engine scan C:\windows\system32\drivers
17:15:54.428 AVAST engine scan C:\Users\Seanna
20:09:10.177 AVAST engine scan C:\ProgramData
20:14:29.806 Scan finished successfully
20:54:13.287 Disk 0 MBR has been saved successfully to "C:\Users\Seanna\Desktop\MBR.dat"
20:54:13.287 The log file has been saved successfully to "C:\Users\Seanna\Desktop\aswMBR.txt"

#7 gringo_pr

  • Malware Response Team

Posted 27 August 2012 - 11:55 PM

Hello

Let's get a deeper look into the system and see if something shows up.

Download and run OTL

Download OTL by Old Timer and save it to your Desktop.
  • Double click on OTL.exe to run it.
  • Under Output, ensure that Minimal Output is selected.
  • Under Extra Registry section, select Use SafeList.
  • Click the Scan All Users checkbox.
  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened and is the one that I need posted back here
    • Extra.txt <-- Will be minimized - save this one on your desktop in case I ask for it later
  • Please post the contents of OTL.txt in your next reply.

Gringo

#8 strawbaerie

Posted 28 August 2012 - 12:12 PM

OTL Log:

OTL logfile created on: 8/28/2012 9:32:19 AM - Run 1
OTL by OldTimer - Version 3.2.59.1 Folder = C:\Users\Seanna\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.80 Gb Total Physical Memory | 1.57 Gb Available Physical Memory | 41.26% Memory free
7.60 Gb Paging File | 4.95 Gb Available in Paging File | 65.11% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 224.78 Gb Total Space | 75.62 Gb Free Space | 33.64% Space Free | Partition Type: NTFS
Drive D: | 224.78 Gb Total Space | 224.46 Gb Free Space | 99.86% Space Free | Partition Type: NTFS

Computer Name: MICKY | User Name: Seanna | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Seanna\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe ()
PRC - C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
PRC - C:\Users\Seanna\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
PRC - C:\Users\Seanna\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
PRC - C:\Program Files (x86)\Glary Utilities\initialize.exe (Glarysoft Ltd)
PRC - C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe (Innovative Solutions)
PRC - C:\Program Files\Microsoft Office 15\root\office15\msosync.exe (Microsoft Corporation)
PRC - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE (Microsoft Corporation)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Secunia\PSI\psia.exe (Secunia)
PRC - C:\Program Files (x86)\Secunia\PSI\sua.exe (Secunia)
PRC - C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
PRC - C:\Users\Seanna\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
PRC - C:\Users\Seanna\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
PRC - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\SugarSync\SugarSyncManager.exe (SugarSync, Inc.)
PRC - C:\Program Files (x86)\Google\Update\1.3.21.115\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe ()
PRC - C:\Program Files (x86)\Box Edit\Box Edit.exe (Box)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
PRC - C:\Program Files (x86)\Synaptics\Scrybe\Service\ScrybeUpdater.exe (Synaptics, Inc.)
PRC - C:\Windows\Samsung\PanelMgr\SSMMgr.exe ()
PRC - C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe (FUJITSU LIMITED)
PRC - C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe (FUJITSU LIMITED)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
PRC - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.)


========== Modules (No Company Name) ==========

MOD - C:\Users\Seanna\AppData\Local\Temp\_MEI42523\win32api.pyd ()
MOD - C:\Users\Seanna\AppData\Local\Temp\_MEI42523\_elementtree.pyd ()
MOD - C:\Users\Seanna\AppData\Local\Temp\_MEI42523\_socket.pyd ()
MOD - C:\Users\Seanna\AppData\Local\Temp\_MEI42523\pysqlite2._sqlite.pyd ()
MOD - C:\Users\Seanna\AppData\Local\Temp\_MEI42523\win32com.shell.shell.pyd ()
MOD - C:\Users\Seanna\AppData\Local\Temp\_MEI42523\wx._html2.pyd ()
MOD - C:\Users\Seanna\AppData\Local\Temp\_MEI42523\wx._gdi_.pyd ()
MOD - C:\Users\Seanna\AppData\Local\Temp\_MEI42523\pyexpat.pyd ()
MOD - C:\Users\Seanna\AppData\Local\Temp\_MEI42523\win32crypt.pyd ()
MOD - C:\Users\Seanna\AppData\Local\Temp\_MEI42523\windows._cacheinvalidation.pyd ()
MOD - C:\Users\Seanna\AppData\Local\Temp\_MEI42523\wx._misc_.pyd ()
MOD - C:\Users\Seanna\AppData\Local\Temp\_MEI42523\pythoncom26.dll ()
MOD - C:\Users\Seanna\AppData\Local\Temp\_MEI42523\PyWinTypes26.dll ()
MOD - C:\Users\Seanna\AppData\Local\Temp\_MEI42523\_ctypes.pyd ()
MOD - C:\Users\Seanna\AppData\Local\Temp\_MEI42523\_ssl.pyd ()
MOD - C:\Users\Seanna\AppData\Local\Temp\_MEI42523\wx._core_.pyd ()
MOD - C:\Users\Seanna\AppData\Local\Temp\_MEI42523\wx._windows_.pyd ()
MOD - C:\Users\Seanna\AppData\Local\Temp\_MEI42523\_hashlib.pyd ()
MOD - C:\Users\Seanna\AppData\Local\Temp\_MEI42523\win32process.pyd ()
MOD - C:\Users\Seanna\AppData\Local\Temp\_MEI42523\win32pdh.pyd ()
MOD - C:\Users\Seanna\AppData\Local\Temp\_MEI42523\wx._controls_.pyd ()
MOD - C:\Users\Seanna\AppData\Local\Temp\_MEI42523\wx._wizard.pyd ()
MOD - C:\Users\Seanna\AppData\Local\Temp\_MEI42523\win32file.pyd ()
MOD - C:\Users\Seanna\AppData\Local\Temp\_MEI42523\win32inet.pyd ()
MOD - C:\Users\Seanna\AppData\Local\Temp\_MEI42523\unicodedata.pyd ()
MOD - C:\Users\Seanna\AppData\Local\Temp\_MEI42523\win32event.pyd ()
MOD - C:\Users\Seanna\AppData\Local\Temp\_MEI42523\select.pyd ()
MOD - C:\Program Files (x86)\Innovative Solutions\DriverMax\sync.dll ()
MOD - C:\Program Files\Microsoft Office 15\root\office15\1033\grooveintlresource.dll ()
MOD - C:\Program Files\Microsoft Office 15\root\office15\jitv.dll ()
MOD - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\c2r32.dll ()
MOD - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll ()
MOD - C:\Program Files\Microsoft Office 15\root\office15\appvisvstream32.dll ()
MOD - C:\Program Files\Microsoft Office 15\root\office15\c2r32.dll ()
MOD - C:\Users\Seanna\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl ()
MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\JSDialogPack150.bpl ()
MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl ()
MOD - C:\Program Files (x86)\Rainlendar2\plugins\iCalendarPlugin.dll ()
MOD - C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe ()
MOD - C:\Program Files (x86)\Rainlendar2\lfs.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\3971e166cf827b6726e142f344061dc9\System.Windows.Forms.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\8c40f40ef36622109793788049fbe9ab\System.Drawing.ni.dll ()
MOD - C:\Program Files (x86)\Rainlendar2\lua52.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d1f299160424bad90fe9f658661389e2\System.Xml.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\623d2a0f11dd82bb9bc13d1cb981b239\System.Configuration.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System\6f9f0467e8b2dd3f69b015c8e30ac945\System.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3953b1d8b9b57e4957bff8f58145384e\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Evernote\Evernote\libtidy.dll ()
MOD - C:\Program Files (x86)\Evernote\Evernote\libxml2.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ()
MOD - C:\Program Files (x86)\Rainlendar2\wxmsw28u_xrc_vc_rny.dll ()
MOD - C:\Program Files (x86)\Rainlendar2\wxbase28u_xml_vc_rny.dll ()
MOD - C:\Program Files (x86)\Rainlendar2\wxmsw28u_html_vc_rny.dll ()
MOD - C:\Program Files (x86)\Rainlendar2\wxmsw28u_adv_vc_rny.dll ()
MOD - C:\Program Files (x86)\Rainlendar2\wxmsw28u_core_vc_rny.dll ()
MOD - C:\Program Files (x86)\Rainlendar2\wxbase28u_vc_rny.dll ()
MOD - C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll ()
MOD - C:\Windows\Samsung\PanelMgr\SSMMgr.exe ()


========== Services (SafeList) ==========

SRV:64bit: - (#UpdateService) -- C:\Program Files\Box Sync\UpdateService.exe (Box, Inc.)
SRV:64bit: - (OfficeSvc) -- C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe (Microsoft Corporation)
SRV:64bit: - (NisSrv) -- C:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (MsMpSvc) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (LBTServ) -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV:64bit: - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe (SUPERAntiSpyware.com)
SRV:64bit: - (VFPRadioSupportService) -- C:\Program Files\CSR\Bluetooth Feature Pack 5.0\VFPRadioSupportService.exe (CSR, plc)
SRV:64bit: - (WTService) -- C:\Windows\SysNative\atwtusb.exe ()
SRV:64bit: - (UpdateNaviInstallService) -- C:\Program Files\Fujitsu\fjdvrupd\updnvsrv.exe (FUJITSU LIMITED)
SRV:64bit: - (PowerSavingUtilityService) -- C:\Program Files\Fujitsu\PSUtility\PSUService.exe (FUJITSU LIMITED)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (Browser Manager) -- C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe ()
SRV - (cbVSCService11) -- C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe (CobianSoft, Luis Cobian)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (Secunia PSI Agent) -- C:\Program Files (x86)\Secunia\PSI\psia.exe (Secunia)
SRV - (Secunia Update Agent) -- C:\Program Files (x86)\Secunia\PSI\sua.exe (Secunia)
SRV - (TeamViewer7) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (Akamai) -- c:\program files (x86)\common files\akamai/netsession_win_4f7fccd.dll ()
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (ScrybeUpdater) -- C:\Program Files (x86)\Synaptics\Scrybe\Service\ScrybeUpdater.exe (Synaptics, Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (pmkbdfltr) -- C:\Windows\SysNative\drivers\pmkbdfltr.sys (PenMount)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Qualcomm Atheros Communications, Inc.)
DRV:64bit: - (SmbDrvIntel) -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys (Synaptics Incorporated)
DRV:64bit: - (SmbDrvI) -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys (Synaptics Incorporated)
DRV:64bit: - (RTL8168) -- C:\Windows\SysNative\drivers\Rt630x64.sys (Realtek )
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (RTLE8023x64) -- C:\Windows\SysNative\drivers\Rtenic64.sys (Realtek Semiconductor Corporation )
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (libusb0) -- C:\Windows\SysNative\drivers\libusb0.sys (http://libusb-win32.sourceforge.net)
DRV:64bit: - (Fs_Rec) -- C:\windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (SmbDrv) -- C:\Windows\SysNative\drivers\Smb_driver.sys (Synaptics Incorporated)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (LPCFilter) -- C:\Windows\SysNative\drivers\LPCFilter.sys (COMPAL ELECTRONIC INC.)
DRV:64bit: - (Btcsrusb) -- C:\Windows\SysNative\drivers\btcusb.sys (IVT Corporation.)
DRV:64bit: - (MxEFUF) -- C:\Windows\SysNative\drivers\MxEFUF64.sys (Matrox Graphics Inc.)
DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LEqdUsb) -- C:\Windows\SysNative\drivers\LEqdUsb.sys (Logitech, Inc.)
DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LHidEqd) -- C:\Windows\SysNative\drivers\LHidEqd.sys (Logitech, Inc.)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel® Corporation)
DRV:64bit: - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV:64bit: - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV:64bit: - (qicflt) -- C:\Windows\SysNative\drivers\qicflt.sys (Quanta Computer)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (PSI) -- C:\Windows\SysNative\drivers\psi_mf.sys (Secunia)
DRV:64bit: - (SSPORT) -- C:\Windows\SysNative\drivers\SSPORT.SYS (Samsung Electronics)
DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
DRV:64bit: - (smbusp) -- C:\Windows\SysNative\drivers\intelsmb.sys (Intel Corporation)
DRV:64bit: - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (vhidmini) -- C:\Windows\SysNative\drivers\walvhid.sys (Windows ® Win 7 DDK provider)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (WSDScan) -- C:\Windows\SysNative\drivers\WSDScan.sys (Microsoft Corporation)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (FBIOSDRV) -- C:\Windows\SysNative\drivers\FBIOSDRV.sys (FUJITSU LIMITED)
DRV:64bit: - (AgereSoftModem) -- C:\Windows\SysNative\drivers\agrsm64.sys (LSI Corp)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (moufiltr) -- C:\Windows\SysNative\drivers\moufiltr.sys (Windows ® Codename Longhorn DDK provider)
DRV:64bit: - (aiptektp) -- C:\Windows\SysNative\drivers\aiptektp.sys (WALTOP International Corp.)
DRV:64bit: - (FUJ02E3) -- C:\Windows\SysNative\drivers\fuj02e3.sys (FUJITSU LIMITED)
DRV:64bit: - (FUJ02B1) -- C:\Windows\SysNative\drivers\fuj02b1.sys (FUJITSU LIMITED)
DRV - (libusb0) -- C:\Windows\SysWOW64\drivers\libusb0.sys (http://libusb-win32.sourceforge.net)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}: "URL" = http://slirsredirect.search.aol.com/redirector/sredir?sredir=843&query={searchTerms}&invocationType=tb50-ie-aimright-chromesbox-en-us&tb_uuid=20120611071613119&tb_oid=11-06-2012&tb_mrud=11-06-2012


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1324127554-2673374786-2514842295-1000\SOFTWARE\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = http://solutions.us.fujitsu.com/
IE - HKU\S-1-5-21-1324127554-2673374786-2514842295-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://solutions.us.fujitsu.com/
IE - HKU\S-1-5-21-1324127554-2673374786-2514842295-1000\..\SearchScopes,BrowserMngrDefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1324127554-2673374786-2514842295-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1324127554-2673374786-2514842295-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-1324127554-2673374786-2514842295-1000\..\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}: "URL" = http://slirsredirect.search.aol.com/redirector/sredir?sredir=843&query={searchTerms}&invocationType=tb50-ie-aimright-chromesbox-en-us&tb_uuid=20120611071613119&tb_oid=11-06-2012&tb_mrud=11-06-2012
IE - HKU\S-1-5-21-1324127554-2673374786-2514842295-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://isearch.avg.com/search?cid={0BD10A78-726D-4804-9AEF-7CDD506B19B6}&mid=8b79d2db594247d18d2ad16a6074b1d7-40475c6434f4ff1b0df09ab4fef8b6df90b32262&lang=en&ds=is015&pr=sa&d=2012-05-10 17:49:53&v=11.0.0.9&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-1324127554-2673374786-2514842295-1000\..\SearchScopes\{FF8A1BD1-E760-4A1A-9A7F-F1490569B5A6}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
IE - HKU\S-1-5-21-1324127554-2673374786-2514842295-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1324127554-2673374786-2514842295-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;127.0.0.1:9421;<local>

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://search.babylon.com/?affID=112049&tt=140812_bandext_3312_8&babsrc=HP_ss&mntrId=4605c9af0000000000002ae400fb47fc"
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_4_402_265.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.6.2: C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.6.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3503.0728: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Seanna\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Seanna\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Seanna\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Seanna\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\box.com/BoxEdit: C:\Program Files (x86)\Box Edit\npBoxEdit.dll (Box)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012/08/24 18:59:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8}: C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension [2012/08/15 23:57:10 | 000,000,000 | ---D | M]

[2012/08/24 19:00:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Seanna\AppData\Roaming\Mozilla\Extensions
[2012/08/24 19:05:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Seanna\AppData\Roaming\Mozilla\Firefox\Profiles\6l9w25a9.default\extensions
[2012/08/24 18:59:53 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/08/24 19:04:21 | 000,033,619 | ---- | M] () (No name found) -- C:\USERS\SEANNA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6L9W25A9.DEFAULT\EXTENSIONS\{578E7CAA-210F-4967-A0D3-88FE5B59A39F}.XPI
[2012/08/24 19:04:21 | 000,056,640 | ---- | M] () (No name found) -- C:\USERS\SEANNA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6L9W25A9.DEFAULT\EXTENSIONS\{A95D8332-E4B4-6E7F-98AC-20B733364387}.XPI
[2012/08/24 19:04:21 | 000,434,392 | ---- | M] () (No name found) -- C:\USERS\SEANNA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6L9W25A9.DEFAULT\EXTENSIONS\{D4DD63FA-01E4-46A7-B6B1-EDAB7D6AD389}.XPI
[2012/08/24 19:04:21 | 000,270,021 | ---- | M] () (No name found) -- C:\USERS\SEANNA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6L9W25A9.DEFAULT\EXTENSIONS\{E4A8A97B-F2ED-450B-B12D-EE082BA24781}.XPI
[2012/08/24 19:04:20 | 000,109,964 | ---- | M] () (No name found) -- C:\USERS\SEANNA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6L9W25A9.DEFAULT\EXTENSIONS\ADBLOCKPOPUPS@JESSEHAKANEN.NET.XPI
[2012/08/24 19:05:46 | 000,197,500 | ---- | M] () (No name found) -- C:\USERS\SEANNA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6L9W25A9.DEFAULT\EXTENSIONS\ARTUR.DUBOVOY@GMAIL.COM.XPI
[2012/08/24 19:04:20 | 000,047,822 | ---- | M] () (No name found) -- C:\USERS\SEANNA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6L9W25A9.DEFAULT\EXTENSIONS\BROWSERPROTECT@BROWSERPROTECT.COM.XPI
[2012/08/24 19:04:20 | 000,637,327 | ---- | M] () (No name found) -- C:\USERS\SEANNA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6L9W25A9.DEFAULT\EXTENSIONS\FEEDLY@DEVHD.XPI
[2012/08/24 19:04:20 | 000,214,920 | ---- | M] () (No name found) -- C:\USERS\SEANNA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6L9W25A9.DEFAULT\EXTENSIONS\GMAILWATCHER@SONTHAKIT.XPI
[2012/08/24 19:04:20 | 000,246,802 | ---- | M] () (No name found) -- C:\USERS\SEANNA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6L9W25A9.DEFAULT\EXTENSIONS\LAZARUS@INTERCLUE.COM.XPI
[2012/08/24 19:04:20 | 000,003,323 | ---- | M] () (No name found) -- C:\USERS\SEANNA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6L9W25A9.DEFAULT\EXTENSIONS\MOVABLEAPPBUTTON@MERCI.CHAO.XPI
[2012/08/24 19:04:20 | 000,330,316 | ---- | M] () (No name found) -- C:\USERS\SEANNA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6L9W25A9.DEFAULT\EXTENSIONS\PERSONAS@CHRISTOPHER.BEARD.XPI
[2012/08/24 19:05:46 | 000,033,396 | ---- | M] () (No name found) -- C:\USERS\SEANNA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6L9W25A9.DEFAULT\EXTENSIONS\UNDOCLOSEDTABSBUTTON@SUPERNOVA00.BIZ.XPI
[2012/08/24 19:04:20 | 000,011,510 | ---- | M] () (No name found) -- C:\USERS\SEANNA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\6L9W25A9.DEFAULT\EXTENSIONS\YOUTUBE2MP3@MONDAYX.DE.XPI
[2012/07/13 17:17:47 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012/07/13 17:16:36 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012/07/13 17:16:36 | 000,002,040 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\twitter.xml

========== Chrome ==========

CHR - homepage: http://search.babylon.com/?affID=112049&tt=140812_bandext_3312_8&babsrc=HP_ss&mntrId=4605c9af0000000000002ae400fb47fc
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://search.babylon.com/?affID=112049&tt=140812_bandext_3312_8&babsrc=HP_ss&mntrId=4605c9af0000000000002ae400fb47fc
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Seanna\AppData\Local\Google\Chrome\Application\21.0.1180.60\PepperFlash\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Seanna\AppData\Local\Google\Chrome\Application\21.0.1180.83\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_270.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Seanna\AppData\Local\Google\Chrome\Application\21.0.1180.83\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Seanna\AppData\Local\Google\Chrome\Application\21.0.1180.83\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: downloadUpdater (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
CHR - plugin: downloadUpdater2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin8.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Seanna\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Seanna\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2013 (Enabled) = C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL
CHR - plugin: Box Edit (Enabled) = C:\Program Files (x86)\Box Edit\npBoxEdit.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Java™ Platform SE 7 U5 (Enabled) = C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
CHR - plugin: Java Deployment Toolkit 7.0.50.255 (Enabled) = C:\windows\SysWOW64\npDeployJava1.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll
CHR - Extension: Google Translate = C:\Users\Seanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb\1.2.4_0\
CHR - Extension: Bejeweled = C:\Users\Seanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm\2_0\
CHR - Extension: Gojee = C:\Users\Seanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajebcmdcgoggdncokkbdifohckmfpgnb\2.5_0\
CHR - Extension: Angry Birds = C:\Users\Seanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: Google Drive = C:\Users\Seanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.1_0\
CHR - Extension: Shortcuts for Google\u2122 = C:\Users\Seanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\baohinapilmkigilbbbcccncoljkdpnd\1.6.4.2_0\
CHR - Extension: WOT = C:\Users\Seanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\1.3.1_0\
CHR - Extension: YouTube = C:\Users\Seanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google+ Notifications = C:\Users\Seanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\boemmnepglcoinjcdlfcpcbmhiecichi\1.0.1.619_0\
CHR - Extension: Adblock Plus (Beta) = C:\Users\Seanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.2_0\
CHR - Extension: AdBlock+ = C:\Users\Seanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\chmimgmjdabgiilljdjfbonifbhiglao\1.1.9.18_0\
CHR - Extension: Google Search = C:\Users\Seanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Read Later Fast = C:\Users\Seanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\decdfngdidijkdjgbknlnepdljfaepji\1.5.2_0\
CHR - Extension: 20 Things I Learned About Browsers & the Web = C:\Users\Seanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfdlnlenokgjjchimonbekcmnofmlibg\0.91_0\
CHR - Extension: Speed Dial = C:\Users\Seanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgpdioedihjhncjafcpgbbjdpbbkikmi\2.2_0\
CHR - Extension: Timer = C:\Users\Seanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\edebbhkhcaafmolanelponjjanocpacd\1.7.6_0\
CHR - Extension: Producteev = C:\Users\Seanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\effanfjandoefieknkdjjbfpmhdndfnf\3_0\
CHR - Extension: Email Game = C:\Users\Seanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehbobaphhmjpchjknfpcnlhcbkjbclge\0.2_0\
CHR - Extension: Gmail Offline = C:\Users\Seanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.19_0\
CHR - Extension: Google Calendar = C:\Users\Seanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\
CHR - Extension: Box - 5 GB Free Storage = C:\Users\Seanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejnkaeblpdcamcioiiabclakabcbjmbl\1.1.6_0\
CHR - Extension: College Packing List = C:\Users\Seanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\elklcloihbelbcfpelbinoipbonnflea\1.1.2_0\
CHR - Extension: After the Deadline = C:\Users\Seanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcdjadjbdihbaodagojiomdljhjhjfho\1.2_0\
CHR - Extension: Folders.io = C:\Users\Seanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\fejcmoakmdmhpoohnaogbohbficjajmh\1.0.5_0\
CHR - Extension: Wunderlist = C:\Users\Seanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjliknjliaohjgjajlgolhijphojjdkc\1.0.2_0\
CHR - Extension: Springpad = C:\Users\Seanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkmopoamfjnmppabeaphohombnjcjgla\6_0\
CHR - Extension: PowerInbox = C:\Users\Seanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmmgljeemhhajnponhffhpjioiclpmbh\1.0.3.7466_0\
CHR - Extension: Simple Window Saver = C:\Users\Seanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpfmklldfnlcblofkhdeoohfppdoejdc\1.3_0\
CHR - Extension: Attachments.me for Gmail = C:\Users\Seanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdgofjdapkmlgpgjfielacjckplcdjjk\1.6.15_0\
CHR - Extension: Any New Books = C:\Users\Seanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\gefphpbilnknofmmmjlgekgeclgajehk\1.1_0\
CHR - Extension: AdBlock = C:\Users\Seanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.41_0\
CHR - Extension: Metric Conversion Chart = C:\Users\Seanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfjgliedcooajpeddcfjhibeobflojbm\0.0.0.2_0\
CHR - Extension: feedly = C:\Users\Seanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob\10.2.437_0\
CHR - Extension: Marvel Comics = C:\Users\Seanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjhfaknohpjconjoefidanhihokmkice\1.0.0.0_0\
CHR - Extension: Vimeo Couch Mode = C:\Users\Seanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjkdhkejcnlmkfdodbkdkelefnkobfif\1.0_0\
CHR - Extension: Vector Paint = C:\Users\Seanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnbpdiengicdefcjecjbnjnoifekhgdo\3.0.0.0_0\
CHR - Extension: Japanese Kana = C:\Users\Seanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnhmomiblghhhfjleapinggmnjhinign\2.0.3_0\
CHR - Extension: Cloud Reader = C:\Users\Seanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd\1.4.0_0\
CHR - Extension: Popular Science Magazine = C:\Users\Seanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\jandpncjemdblbbjpbdbiccgldlefkgk\3_0\
CHR - Extension: BBC Good Food = C:\Users\Seanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnkffnoliaheoidfeejcmnidkkgilkja\5_0\
CHR - Extension: StumbleUpon = C:\Users\Seanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcahibnffhnnjcedflmchmokndkjnhpg\4.7.12.1_0\
CHR - Extension: Autodesk Homestyler = C:\Users\Seanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdmmkfaghgcicheaimnpffeeekheafkb\2.2_0\
CHR - Extension: Pinterest Pin It Button (by Shareaholic) = C:\Users\Seanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfjkehmceppcpjoaoegdmffmkdhiegmc\1.0.1_0\
CHR - Extension: Little Alchemy = C:\Users\Seanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd\0.0.12_0\
CHR - Extension: Picozu = C:\Users\Seanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\lajpehananomepaahgohcnmgkgmkhogf\1.0.1_0\
CHR - Extension: Evernote Web = C:\Users\Seanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol\1.0.7_0\
CHR - Extension: Google Maps = C:\Users\Seanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh\5.2.4_0\
CHR - Extension: Lazarus: Form Recovery = C:\Users\Seanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\loljledaigphbcpfhfmgopdkppkifgno\3.0.5_0\
CHR - Extension: Word\u00B2 = C:\Users\Seanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpibnckjjeaabeepofhfmmpjmnomohee\2.5_0\
CHR - Extension: Reload All Tabs = C:\Users\Seanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpkdnfkjhdkcpimadpdcgapffceacjem\1.2_0\
CHR - Extension: Large Document = C:\Users\Seanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\mccldfhipgghpkkamlldhiajioepaklb\2.45_0\
CHR - Extension: Google Dictionary (by Google) = C:\Users\Seanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja\3.0.15_0\
CHR - Extension: Plants vs Zombies = C:\Users\Seanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmcegpfdgcoclcdfkjahiimlikdpnina\1.0.5_0\
CHR - Extension: FastestChrome - Browse Faster = C:\Users\Seanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm\6.5.6_0\
CHR - Extension: AutoPager Chrome = C:\Users\Seanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmgagnmbebdebebbcleklifnobamjonh\0.7.1.4_0\
CHR - Extension: Google Play Books = C:\Users\Seanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmimngoggfoobjdlefbcabngfnmieonb\1.1.3_0\
CHR - Extension: Incredible StartPage - Productive Start Page for Chrome! = C:\Users\Seanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncdfeghkpohnalmpblddmnppfooljekh\1.5.2_0\
CHR - Extension: Pocket (formerly Read It Later) = C:\Users\Seanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj\1.1.3_0\
CHR - Extension: GIFPAL = C:\Users\Seanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\noohoboklgjeccnihfkbdakbchbhjlch\1.2_0\
CHR - Extension: dA Message Notifier = C:\Users\Seanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocinjngecpdhlnhggcnhjdpengmifjdl\0.6.2.2_0\
CHR - Extension: Checker Plus for Gmail\u2122 = C:\Users\Seanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj\10.4_0\
CHR - Extension: Readability = C:\Users\Seanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\oknpjjbmpnndlpmnhmekjpocelpnlfdi\1.12_0\
CHR - Extension: Evernote Web Clipper = C:\Users\Seanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc\5.6_0\
CHR - Extension: Gmail = C:\Users\Seanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Canvas Rider = C:\Users\Seanna\AppData\Local\Google\Chrome\User Data\Default\Extensions\poknhlcknimnnbfcombaooklofipaibk\0.7_0\

O1 HOSTS File: ([2012/08/24 17:41:44 | 000,443,281 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 15252 more lines...
O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Microsoft SPFS Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - No CLSID value found.
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Microsoft SPFS Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\grooveex.dll (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [BoxSyncHelper] C:\Program Files\Box Sync\BoxSyncHelper.exe (Box, Inc.)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [FJUPDNV_Chitose] C:\Program Files\Fujitsu\fjdvrupd\updatenv.exe (FUJITSU LIMITED)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [LoadBtnHnd] C:\Program Files\Fujitsu\Application Panel\BtnHnd.exe (FUJITSU LIMITED)
O4:64bit: - HKLM..\Run: [LoadFujitsuQuickTouch] C:\Program Files\Fujitsu\Application Panel\QuickTouch.exe (FUJITSU LIMITED)
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\windows\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [MacroKeyManager] C:\windows\SysNative\WTMKM.exe ()
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Unattend0000000001{64E719DC-345C-4481-A790-E1BE418BBCCD}] C:\Fujitsu\ClickMe\LogonCommands\GExc.exe (FUJITSU LIMITED)
O4 - HKLM..\Run: [IndicatorUtility] C:\Program Files (x86)\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe (FUJITSU LIMITED)
O4 - HKLM..\Run: [LoadFUJ02E3] C:\Program Files (x86)\Fujitsu\FUJ02E3\FUJ02E3.exe (FUJITSU LIMITED)
O4 - HKLM..\Run: [Samsung PanelMgr] C:\Windows\Samsung\PanelMgr\SSMMgr.exe ()
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-1324127554-2673374786-2514842295-1000..\Run: [Akamai NetSession Interface] C:\Users\Seanna\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKU\S-1-5-21-1324127554-2673374786-2514842295-1000..\Run: [DriverMax] C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe (Innovative Solutions)
O4 - HKU\S-1-5-21-1324127554-2673374786-2514842295-1000..\Run: [DriverMax_RESTART] C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe (Innovative Solutions)
O4 - HKU\S-1-5-21-1324127554-2673374786-2514842295-1000..\Run: [FileHippo.com] C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe (FileHippo.com)
O4 - HKU\S-1-5-21-1324127554-2673374786-2514842295-1000..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKU\S-1-5-21-1324127554-2673374786-2514842295-1000..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - HKU\S-1-5-21-1324127554-2673374786-2514842295-1000..\Run: [Rainlendar2] C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe ()
O4 - HKU\S-1-5-21-1324127554-2673374786-2514842295-1000..\Run: [SkyDrive] C:\Users\Seanna\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1324127554-2673374786-2514842295-1000..\Run: [Spotify Web Helper] C:\Users\Seanna\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe ()
O4 - HKU\S-1-5-21-1324127554-2673374786-2514842295-1000..\Run: [Spybot-S&D Cleaning] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-1324127554-2673374786-2514842295-1000..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O4 - HKU\S-1-5-21-1324127554-2673374786-2514842295-1000..\Run: [SugarSync] C:\Program Files (x86)\SugarSync\SugarSyncManager.exe (SugarSync, Inc.)
O4 - HKU\S-1-5-21-1324127554-2673374786-2514842295-1000..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O4 - Startup: C:\Users\Seanna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Seanna\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Seanna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk = C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1324127554-2673374786-2514842295-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1324127554-2673374786-2514842295-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1324127554-2673374786-2514842295-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Seanna\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Seanna\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: Add to Evernote 4.0 - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Free YouTube Download - C:\Users\Seanna\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Seanna\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Microsoft Lync add-on - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Microsoft Lync add-on - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-1324127554-2673374786-2514842295-1000\..Trusted Domains: samsungsetup.com ([www] http in Trusted sites)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Reg Error: Value error.)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.6.2)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 10.5.1)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{91A6DE15-D7CD-4CF3-A0FF-8F49170B8E6B}: DhcpNameServer = 192.168.1.1 192.168.0.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\msosb.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - AppInit_DLLs: (c:\PROGRA~3\BROWSE~1\22565~1.25\{16CDF~1\browsemngr.dll) - c:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.dll ()
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (sdnclean64.exe)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/08/28 09:30:43 | 000,598,528 | ---- | C] (OldTimer Tools) -- C:\Users\Seanna\Desktop\OTL.exe
[2012/08/27 13:23:26 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\Seanna\Desktop\aswMBR.exe
[2012/08/27 13:23:13 | 002,211,928 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Seanna\Desktop\tdsskiller.exe
[2012/08/27 10:33:54 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/08/27 10:31:56 | 000,000,000 | ---D | C] -- C:\windows\temp
[2012/08/27 10:13:43 | 000,518,144 | ---- | C] (SteelWerX) -- C:\windows\SWREG.exe
[2012/08/27 10:13:43 | 000,406,528 | ---- | C] (SteelWerX) -- C:\windows\SWSC.exe
[2012/08/27 10:13:43 | 000,060,416 | ---- | C] (NirSoft) -- C:\windows\NIRCMD.exe
[2012/08/27 10:13:34 | 000,000,000 | ---D | C] -- C:\Qoobox
[2012/08/27 09:47:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2012/08/27 09:47:25 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012/08/27 09:41:22 | 004,738,846 | R--- | C] (Swearware) -- C:\Users\Seanna\Desktop\ComboFix.exe
[2012/08/24 20:13:14 | 000,607,260 | R--- | C] (Swearware) -- C:\Users\Seanna\Desktop\dds.com
[2012/08/24 18:59:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2012/08/24 18:59:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2012/08/23 22:32:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Box Sync
[2012/08/23 22:31:58 | 000,000,000 | ---D | C] -- C:\Program Files\Box Sync
[2012/08/22 18:06:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7
[2012/08/22 18:06:12 | 000,000,000 | ---D | C] -- C:\Python27
[2012/08/22 16:34:51 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP 2
[2012/08/22 14:36:33 | 000,000,000 | ---D | C] -- C:\Users\Seanna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2012/08/22 14:36:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VS Revo Group
[2012/08/19 12:32:06 | 000,000,000 | ---D | C] -- C:\windows\ERDNT
[2012/08/19 00:28:32 | 000,000,000 | ---D | C] -- C:\Users\Seanna\DoctorWeb
[2012/08/19 00:24:41 | 000,000,000 | ---D | C] -- C:\Users\Seanna\AppData\Local\Secunia PSI
[2012/08/19 00:24:16 | 000,256,904 | ---- | C] (Trend Micro Inc.) -- C:\windows\SysWow64\drivers\tmcomm.sys
[2012/08/19 00:24:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Secunia
[2012/08/19 00:01:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cobian Backup 11
[2012/08/19 00:01:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cobian Backup 11
[2012/08/18 22:25:45 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2012/08/17 23:12:14 | 000,000,000 | ---D | C] -- C:\Users\Seanna\AppData\Roaming\Malwarebytes
[2012/08/17 23:12:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012/08/17 23:11:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012/08/17 23:11:50 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\windows\SysNative\drivers\mbam.sys
[2012/08/17 23:11:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012/08/17 22:47:13 | 000,000,000 | ---D | C] -- C:\Users\Seanna\AppData\Roaming\Safer Networking
[2012/08/17 22:45:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Safer Networking
[2012/08/17 21:35:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2012/08/16 20:05:29 | 000,007,680 | ---- | C] (Windows ® Codename Longhorn DDK provider) -- C:\windows\SysNative\drivers\moufiltr.sys
[2012/08/16 20:05:29 | 000,007,552 | ---- | C] (Windows ® Win 7 DDK provider) -- C:\windows\SysNative\drivers\walvhid.sys
[2012/08/16 20:05:29 | 000,000,000 | ---D | C] -- C:\windows\vhid
[2012/08/16 20:04:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MacroKey Manager
[2012/08/16 20:04:34 | 000,000,000 | ---D | C] -- C:\windows\udtablet
[2012/08/16 20:04:21 | 000,000,000 | ---D | C] -- C:\windows\calib_da
[2012/08/16 19:40:50 | 000,000,000 | ---D | C] -- C:\Users\Seanna\AppData\Local\Adobe
[2012/08/16 14:54:34 | 000,000,000 | -H-D | C] -- C:\Users\Seanna\Documents\ShadowEditFiles
[2012/08/16 14:52:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
[2012/08/16 14:51:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Evernote
[2012/08/16 01:49:51 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\Extensions
[2012/08/16 01:49:48 | 000,000,000 | ---D | C] -- C:\windows\SysWow64\searchplugins
[2012/08/15 23:57:14 | 000,000,000 | ---D | C] -- C:\Users\Seanna\Start Menu
[2012/08/15 23:57:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Browser Manager
[2012/08/15 18:55:34 | 000,027,960 | ---- | C] (Synaptics Incorporated) -- C:\windows\SysNative\drivers\Smb_driver_Intel.sys
[2012/08/15 15:33:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Windows Genuine Advantage
[2012/08/15 12:33:50 | 000,289,768 | ---- | C] (Oracle Corporation) -- C:\windows\SysNative\javaws.exe
[2012/08/15 12:33:27 | 000,189,416 | ---- | C] (Oracle Corporation) -- C:\windows\SysNative\javaw.exe
[2012/08/15 12:33:27 | 000,188,904 | ---- | C] (Oracle Corporation) -- C:\windows\SysNative\java.exe
[2012/08/15 12:33:27 | 000,108,008 | ---- | C] (Oracle Corporation) -- C:\windows\SysNative\WindowsAccessBridge-64.dll
[2012/08/15 11:46:50 | 000,000,000 | ---D | C] -- C:\windows\CheckSur
[2012/08/15 10:44:39 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\mshtmled.dll
[2012/08/15 10:44:39 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\mshtmled.dll
[2012/08/15 10:44:35 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\url.dll
[2012/08/15 10:44:35 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\url.dll
[2012/08/15 10:44:32 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieui.dll
[2012/08/15 10:44:31 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieui.dll
[2012/08/15 10:44:30 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\ieUnatt.exe
[2012/08/15 10:44:30 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\ieUnatt.exe
[2012/08/15 10:44:28 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\inetcpl.cpl
[2012/08/15 10:44:28 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\inetcpl.cpl
[2012/08/15 10:44:26 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript9.dll
[2012/08/15 10:44:23 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\jscript.dll
[2012/08/15 10:44:22 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\jscript.dll
[2012/08/14 22:36:20 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\netapi32.dll
[2012/08/14 22:36:20 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\browcli.dll
[2012/08/14 22:36:19 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\browcli.dll
[2012/08/14 22:36:04 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\win32spl.dll
[2012/08/14 22:36:02 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\win32spl.dll
[2012/08/14 22:36:02 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\windows\splwow64.exe
[2012/08/14 22:21:08 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\localspl.dll
[2012/08/14 17:04:10 | 003,718,144 | ---- | C] (Qualcomm Atheros Communications, Inc.) -- C:\windows\SysNative\drivers\athrx.sys
[2012/08/13 17:33:16 | 000,018,832 | ---- | C] (PenMount) -- C:\windows\SysNative\drivers\pmkbdfltr.sys
[2012/08/12 22:02:59 | 000,000,000 | ---D | C] -- C:\Users\Seanna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CNET TechTracker
[2012/08/12 21:02:39 | 000,000,000 | ---D | C] -- C:\windows\en
[2012/08/12 20:55:30 | 000,057,280 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\fssfltr.sys
[2012/08/12 20:52:50 | 000,527,192 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAudio2_7.dll
[2012/08/12 20:52:50 | 000,518,488 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAudio2_7.dll
[2012/08/12 20:52:50 | 000,077,656 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\XAPOFX1_5.dll
[2012/08/12 20:52:50 | 000,074,072 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\XAPOFX1_5.dll
[2012/08/12 20:52:49 | 002,526,056 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\D3DCompiler_43.dll
[2012/08/12 20:52:49 | 002,106,216 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\D3DCompiler_43.dll
[2012/08/12 20:52:48 | 000,276,832 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\d3dx11_43.dll
[2012/08/12 20:52:48 | 000,248,672 | ---- | C] (Microsoft Corporation) -- C:\windows\SysWow64\d3dx11_43.dll
[2012/08/05 19:52:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Logitech
[2012/08/05 19:51:29 | 000,000,000 | ---D | C] -- C:\Users\Seanna\AppData\Roaming\Leadertech
[2012/08/05 19:51:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\LogiShrd
[2012/08/05 19:51:08 | 000,018,960 | ---- | C] (Logitech, Inc.) -- C:\windows\SysNative\drivers\LNonPnP.sys
[2012/08/05 19:50:00 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\LogiShrd
[2012/08/05 19:49:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
[2012/08/05 19:49:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Logishrd
[2012/08/05 19:49:32 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech
[2012/08/05 19:48:15 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Logishrd
[2012/08/05 19:45:32 | 000,000,000 | ---D | C] -- C:\Users\Seanna\AppData\Roaming\Logitech
[2012/08/05 19:45:32 | 000,000,000 | ---D | C] -- C:\Users\Seanna\AppData\Roaming\Logishrd
[2012/08/02 18:16:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2012/08/02 18:16:03 | 000,126,312 | ---- | C] (GEAR Software Inc.) -- C:\windows\SysNative\GEARAspi64.dll
[2012/08/02 18:16:03 | 000,107,368 | ---- | C] (GEAR Software Inc.) -- C:\windows\SysWow64\GEARAspi.dll
[2012/08/02 18:16:03 | 000,034,152 | ---- | C] (GEAR Software Inc.) -- C:\windows\SysNative\drivers\GEARAspiWDM.sys
[2012/08/02 18:14:38 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2012/08/02 18:14:36 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2012/08/02 18:14:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2012/08/02 17:28:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2012/08/02 17:28:52 | 000,000,000 | ---D | C] -- C:\Users\Seanna\AppData\Roaming\Adobe
[2012/08/02 14:05:12 | 000,000,000 | ---D | C] -- C:\found.000
[2012/07/30 15:59:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Roxio
[2011/02/21 23:15:26 | 001,228,400 | ---- | C] (Adobe Systems Incorporated) -- C:\Users\Seanna\Photoshop_12_LS1.exe

========== Files - Modified Within 30 Days ==========

[2012/08/28 09:56:10 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2012/08/28 09:50:06 | 000,000,898 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/08/28 09:38:05 | 000,009,920 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/08/28 09:38:05 | 000,009,920 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/08/28 09:32:53 | 000,000,326 | ---- | M] () -- C:\windows\tasks\GlaryInitialize.job
[2012/08/28 09:28:57 | 000,000,894 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/08/28 09:27:45 | 3061,227,520 | -HS- | M] () -- C:\hiberfil.sys
[2012/08/28 09:21:04 | 000,598,528 | ---- | M] (OldTimer Tools) -- C:\Users\Seanna\Desktop\OTL.exe
[2012/08/27 20:54:13 | 000,000,512 | ---- | M] () -- C:\Users\Seanna\Desktop\MBR.dat
[2012/08/27 16:16:02 | 000,000,912 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1324127554-2673374786-2514842295-1000UA.job
[2012/08/27 15:16:04 | 000,000,860 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1324127554-2673374786-2514842295-1000Core.job
[2012/08/27 13:16:28 | 002,211,928 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Seanna\Desktop\tdsskiller.exe
[2012/08/27 13:16:25 | 004,731,392 | ---- | M] (AVAST Software) -- C:\Users\Seanna\Desktop\aswMBR.exe
[2012/08/27 09:47:49 | 000,001,945 | ---- | M] () -- C:\windows\epplauncher.mif
[2012/08/27 09:47:33 | 000,800,940 | ---- | M] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2012/08/27 09:47:33 | 000,665,600 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2012/08/27 09:47:33 | 000,123,336 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2012/08/27 09:32:12 | 004,738,846 | R--- | M] (Swearware) -- C:\Users\Seanna\Desktop\ComboFix.exe
[2012/08/27 09:31:49 | 000,881,581 | ---- | M] () -- C:\Users\Seanna\Desktop\SecurityCheck.exe
[2012/08/24 20:15:06 | 000,000,000 | ---- | M] () -- C:\Users\Seanna\defogger_reenable
[2012/08/24 20:13:06 | 000,607,260 | R--- | M] (Swearware) -- C:\Users\Seanna\Desktop\dds.com
[2012/08/24 20:12:34 | 000,050,477 | ---- | M] () -- C:\Users\Seanna\Desktop\Defogger.exe
[2012/08/24 19:45:18 | 000,786,854 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2012/08/24 19:00:00 | 000,001,094 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/08/24 17:41:44 | 000,443,281 | R--- | M] () -- C:\windows\SysNative\drivers\etc\hosts
[2012/08/24 11:35:36 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012/08/23 22:34:46 | 000,001,530 | ---- | M] () -- C:\Users\Seanna\Desktop\My Box Files.lnk
[2012/08/23 22:32:14 | 000,001,854 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Box Sync.lnk
[2012/08/23 18:57:58 | 008,532,565 | ---- | M] () -- C:\Users\Seanna\Desktop\When Love Walk In.mp3
[2012/08/23 16:42:42 | 000,001,891 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Box Edit.lnk
[2012/08/23 16:38:58 | 000,001,867 | ---- | M] () -- C:\Users\Seanna\Desktop\Yawcam.lnk
[2012/08/22 20:14:41 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2012/08/22 18:25:33 | 000,696,520 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2012/08/22 18:25:33 | 000,073,416 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/08/22 16:39:51 | 000,000,892 | ---- | M] () -- C:\Users\Seanna\Desktop\GIMP 2.lnk
[2012/08/22 14:36:33 | 000,001,268 | ---- | M] () -- C:\Users\Seanna\Desktop\Revo Uninstaller.lnk
[2012/08/21 18:18:15 | 000,002,420 | ---- | M] () -- C:\Users\Seanna\Desktop\Google Chrome.lnk
[2012/08/20 18:02:24 | 000,000,320 | ---- | M] () -- C:\windows\tasks\Spybot - Search & Destroy - Scheduled Task.job
[2012/08/19 22:34:39 | 000,000,191 | ---- | M] () -- C:\windows\wininit.ini
[2012/08/19 17:41:03 | 000,006,696 | ---- | M] () -- C:\bootsqm.dat
[2012/08/19 16:28:40 | 000,001,110 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2012/08/19 01:12:20 | 000,227,742 | ---- | M] () -- C:\Users\Seanna\AppData\Local\census.cache
[2012/08/19 01:11:31 | 000,128,779 | ---- | M] () -- C:\Users\Seanna\AppData\Local\ars.cache
[2012/08/19 00:21:14 | 000,000,036 | ---- | M] () -- C:\Users\Seanna\AppData\Local\housecall.guid.cache
[2012/08/17 23:12:05 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/08/16 17:28:19 | 000,000,132 | ---- | M] () -- C:\Users\Seanna\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2012/08/15 12:33:18 | 000,108,008 | ---- | M] (Oracle Corporation) -- C:\windows\SysNative\WindowsAccessBridge-64.dll
[2012/08/15 12:33:15 | 000,289,768 | ---- | M] (Oracle Corporation) -- C:\windows\SysNative\javaws.exe
[2012/08/15 12:33:15 | 000,189,416 | ---- | M] (Oracle Corporation) -- C:\windows\SysNative\javaw.exe
[2012/08/15 12:33:15 | 000,188,904 | ---- | M] (Oracle Corporation) -- C:\windows\SysNative\java.exe
[2012/08/15 12:33:14 | 001,034,216 | ---- | M] (Oracle Corporation) -- C:\windows\SysNative\npdeployJava1.dll
[2012/08/15 12:33:14 | 000,916,456 | ---- | M] (Oracle Corporation) -- C:\windows\SysNative\deployJava1.dll
[2012/08/15 11:32:51 | 005,133,336 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2012/08/12 22:10:04 | 000,000,982 | ---- | M] () -- C:\Users\Seanna\Desktop\Dropbox.lnk
[2012/08/12 22:10:04 | 000,000,962 | ---- | M] () -- C:\Users\Seanna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2012/08/12 21:54:04 | 000,001,238 | ---- | M] () -- C:\Users\Seanna\Desktop\DriverMax.lnk
[2012/08/12 20:47:33 | 000,001,070 | ---- | M] () -- C:\Users\Seanna\Desktop\Glary Utilities.lnk
[2012/08/07 17:58:51 | 001,163,409 | ---- | M] () -- C:\Users\Seanna\Desktop\ClassSchedule2012Fall.pdf
[2012/08/05 19:51:08 | 000,018,960 | ---- | M] (Logitech, Inc.) -- C:\windows\SysNative\drivers\LNonPnP.sys
[2012/08/02 18:16:09 | 000,001,783 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/08/01 16:01:14 | 000,018,832 | ---- | M] (PenMount) -- C:\windows\SysNative\drivers\pmkbdfltr.sys

========== Files Created - No Company Name ==========

[2012/08/27 20:54:13 | 000,000,512 | ---- | C] () -- C:\Users\Seanna\Desktop\MBR.dat
[2012/08/27 10:13:43 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe
[2012/08/27 10:13:43 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe
[2012/08/27 10:13:43 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
[2012/08/27 10:13:43 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
[2012/08/27 10:13:43 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
[2012/08/27 09:47:38 | 000,001,915 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012/08/27 09:37:17 | 000,881,581 | ---- | C] () -- C:\Users\Seanna\Desktop\SecurityCheck.exe
[2012/08/24 20:15:06 | 000,000,000 | ---- | C] () -- C:\Users\Seanna\defogger_reenable
[2012/08/24 20:12:49 | 000,050,477 | ---- | C] () -- C:\Users\Seanna\Desktop\Defogger.exe
[2012/08/24 19:00:00 | 000,001,106 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012/08/24 19:00:00 | 000,001,094 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012/08/23 22:32:14 | 000,001,854 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Box Sync.lnk
[2012/08/23 22:20:00 | 008,532,565 | ---- | C] () -- C:\Users\Seanna\Desktop\When Love Walk In.mp3
[2012/08/22 16:39:51 | 000,000,892 | ---- | C] () -- C:\Users\Seanna\Desktop\GIMP 2.lnk
[2012/08/22 16:36:41 | 000,000,892 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
[2012/08/22 14:36:33 | 000,001,268 | ---- | C] () -- C:\Users\Seanna\Desktop\Revo Uninstaller.lnk
[2012/08/19 17:41:03 | 000,006,696 | ---- | C] () -- C:\bootsqm.dat
[2012/08/19 16:28:40 | 000,001,110 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
[2012/08/19 16:28:40 | 000,001,073 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
[2012/08/19 01:12:20 | 000,227,742 | ---- | C] () -- C:\Users\Seanna\AppData\Local\census.cache
[2012/08/19 01:11:31 | 000,128,779 | ---- | C] () -- C:\Users\Seanna\AppData\Local\ars.cache
[2012/08/19 00:21:14 | 000,000,036 | ---- | C] () -- C:\Users\Seanna\AppData\Local\housecall.guid.cache
[2012/08/17 23:12:05 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/08/16 20:05:27 | 000,010,251 | ---- | C] () -- C:\windows\SysNative\Default_2.ini
[2012/08/16 20:05:27 | 000,009,868 | ---- | C] () -- C:\windows\SysNative\Default_1.ini
[2012/08/16 20:05:27 | 000,000,653 | ---- | C] () -- C:\windows\SysNative\MKProfile.ini
[2012/08/16 20:04:36 | 002,772,543 | ---- | C] () -- C:\windows\help.pdf
[2012/08/16 20:04:21 | 000,008,229 | ---- | C] () -- C:\windows\aiptbl.ini
[2012/08/12 21:01:25 | 000,001,305 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
[2012/08/12 21:00:28 | 000,001,374 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
[2012/08/07 17:58:51 | 001,163,409 | ---- | C] () -- C:\Users\Seanna\Desktop\ClassSchedule2012Fall.pdf
[2012/08/02 18:16:09 | 000,001,783 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2012/07/08 23:24:16 | 000,000,191 | ---- | C] () -- C:\windows\wininit.ini
[2012/03/17 22:58:05 | 000,001,496 | ---- | C] () -- C:\Users\Seanna\.recently-used.xbel
[2012/03/06 21:09:50 | 000,205,100 | -H-- | C] () -- C:\windows\SysWow64\mlfcache.dat
[2012/03/03 00:22:05 | 000,001,456 | ---- | C] () -- C:\Users\Seanna\AppData\Local\Adobe Save for Web 12.0 Prefs
[2012/03/01 01:58:19 | 000,000,132 | ---- | C] () -- C:\Users\Seanna\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2012/02/05 16:50:08 | 013,904,384 | ---- | C] () -- C:\windows\SysWow64\ig4icd32.dll
[2011/12/28 19:54:27 | 000,493,432 | ---- | C] () -- C:\windows\ssndii.exe
[2011/10/24 21:25:32 | 000,000,281 | ---- | C] () -- C:\windows\EReg072.dat
[2011/06/04 18:08:01 | 000,066,856 | ---- | C] () -- C:\windows\SysWow64\SynTPEnhPS.dll
[2011/05/17 17:09:56 | 000,867,020 | ---- | C] () -- C:\windows\SysWow64\igkrng575.bin
[2011/05/17 17:09:48 | 000,105,608 | ---- | C] () -- C:\windows\SysWow64\igfcg575m.bin
[2011/04/23 14:59:29 | 000,128,204 | ---- | C] () -- C:\windows\SysWow64\igcompkrng575.bin
[2011/03/30 23:55:54 | 000,003,584 | ---- | C] () -- C:\Users\Seanna\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/02/21 23:15:27 | 1026,293,791 | ---- | C] () -- C:\Users\Seanna\Photoshop_12_LS1.7z
[2011/01/09 16:27:20 | 000,000,017 | ---- | C] () -- C:\Users\Seanna\.javafx_ping_sent
[2011/01/09 16:27:19 | 000,000,000 | ---- | C] () -- C:\Users\Seanna\.javafx_eula_accepted
[2010/12/31 14:13:37 | 000,000,145 | ---- | C] () -- C:\Users\Seanna\.appletviewer
[2010/12/27 02:44:26 | 000,800,940 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2010/12/27 01:29:55 | 000,000,000 | ---- | C] () -- C:\windows\nsreg.dat
[2010/12/27 01:07:30 | 000,073,220 | ---- | C] () -- C:\windows\SysWow64\EPPICPrinterDB.dat
[2010/12/27 01:07:30 | 000,031,053 | ---- | C] () -- C:\windows\SysWow64\EPPICPattern131.dat
[2010/12/27 01:07:30 | 000,029,114 | ---- | C] () -- C:\windows\SysWow64\EPPICPattern1.dat
[2010/12/27 01:07:30 | 000,027,417 | ---- | C] () -- C:\windows\SysWow64\EPPICPattern121.dat
[2010/12/27 01:07:30 | 000,021,021 | ---- | C] () -- C:\windows\SysWow64\EPPICPattern3.dat
[2010/12/27 01:07:30 | 000,015,670 | ---- | C] () -- C:\windows\SysWow64\EPPICPattern5.dat
[2010/12/27 01:07:30 | 000,013,280 | ---- | C] () -- C:\windows\SysWow64\EPPICPattern2.dat
[2010/12/27 01:07:30 | 000,010,673 | ---- | C] () -- C:\windows\SysWow64\EPPICPattern4.dat
[2010/12/27 01:07:30 | 000,004,943 | ---- | C] () -- C:\windows\SysWow64\EPPICPattern6.dat
[2010/12/27 01:07:30 | 000,001,140 | ---- | C] () -- C:\windows\SysWow64\EPPICPresetData_PT.dat
[2010/12/27 01:07:30 | 000,001,140 | ---- | C] () -- C:\windows\SysWow64\EPPICPresetData_BP.dat
[2010/12/27 01:07:30 | 000,001,137 | ---- | C] () -- C:\windows\SysWow64\EPPICPresetData_ES.dat
[2010/12/27 01:07:30 | 000,001,130 | ---- | C] () -- C:\windows\SysWow64\EPPICPresetData_FR.dat
[2010/12/27 01:07:30 | 000,001,130 | ---- | C] () -- C:\windows\SysWow64\EPPICPresetData_CF.dat
[2010/12/27 01:07:30 | 000,001,104 | ---- | C] () -- C:\windows\SysWow64\EPPICPresetData_EN.dat
[2010/12/27 01:07:30 | 000,000,097 | ---- | C] () -- C:\windows\SysWow64\PICSDK.ini

< End of report >

#9 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:10:22 AM

Posted 28 August 2012 - 07:25 PM

Hello

Run this custom script and when it is complete I need to know how the computer is doing

Run OTL Script

  • Double-click OTL.exe to start the program.
  • Copy and Paste the following code into the Posted Image textbox. Do not include the word Code
    :OTL
    FF - user.js - File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_4_402_265.dll File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@nexon.net/NxGame: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll File not found
    O2 - BHO: (no name) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O18:64bit: - Protocol\Handler\livecall - No CLSID value found
    O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
    O18:64bit: - Protocol\Handler\msnim - No CLSID value found
    O18:64bit: - Protocol\Handler\osf - No CLSID value found
    O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
    O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
    O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
    PRC - C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe ()
    SRV - (Browser Manager) -- C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe ()
    IE - HKU\S-1-5-21-1324127554-2673374786-2514842295-1000\..\SearchScopes\{FF8A1BD1-E760-4A1A-9A7F-F1490569B5A6}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
    FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
    FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
    FF - prefs.js..browser.search.selectedEngine: "Search the web (Babylon)"
    FF - prefs.js..browser.search.useDBForOrder: true
    FF - prefs.js..browser.startup.homepage: "http://search.babylon.com/?affID=112049&tt=140812_bandext_3312_8&babsrc=HP_ss&mntrId=4605c9af0000000000002ae400fb47fc"
    FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8}: C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension [2012/08/15 23:57:10 | 000,000,000 | ---D | M]
    [2012/08/15 23:57:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Browser Manager
    :Files
    ipconfig /flushdns /c
    :Commands
    [PURITY]
    [emptyjava]
    [EMPTYFLASH]
    
  • Then click the Run Fix button at the top.
  • Click Posted Image.
  • OTL may ask to reboot the machine. Please do so if asked.
  • The report should appear in Notepad after the reboot. Copy and Paste that report in your next reply.

Let me know How things are doing

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here. Don't worry, every little bit helps.

Proud Graduate Of Malware Removal University

#10 strawbaerie

Posted 28 August 2012 - 10:08 PM

It seems to be working great, it's gone from Firefox. Thanks so much! Also I figured out what the startup window was: MacroKey Manager. However, I'm not sure if it is related, but Windows Update is either stalling on updates like Windows 7 security updates or just not being able to search for new updates (code 80004002)...

Here's the log:

========== OTL ==========
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@nexon.net/NxGame\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
File Protocol\Handler\livecall - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
File Protocol\Handler\ms-help - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
File Protocol\Handler\msnim - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\osf\ deleted successfully.
File Protocol\Handler\osf - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
File Protocol\Handler\skype4com - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.
File Protocol\Handler\wlmailhtml - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully.
File Protocol\Handler\wlpg - No CLSID value found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet:/pagefile deleted successfully.
Process browsemngr.exe killed successfully!
Service Browser Manager stopped successfully!
Service Browser Manager deleted successfully!
C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe moved successfully.
Registry key HKEY_USERS\S-1-5-21-1324127554-2673374786-2514842295-1000\Software\Microsoft\Internet Explorer\SearchScopes\{FF8A1BD1-E760-4A1A-9A7F-F1490569B5A6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FF8A1BD1-E760-4A1A-9A7F-F1490569B5A6}\ not found.
Prefs.js: "Search the web (Babylon)" removed from browser.search.defaultenginename
Prefs.js: "Search the web (Babylon)" removed from browser.search.order.1
Prefs.js: "Search the web (Babylon)" removed from browser.search.selectedEngine
Prefs.js: true removed from browser.search.useDBForOrder
Prefs.js: "http://search.babylon.com/?affID=112049&tt=140812_bandext_3312_8&babsrc=HP_ss&mntrId=4605c9af0000000000002ae400fb47fc" removed from browser.startup.homepage
Registry value HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{b64982b1-d112-42b5-b1e4-d3867c4533f8} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b64982b1-d112-42b5-b1e4-d3867c4533f8}\ not found.
C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\content folder moved successfully.
C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension\components folder moved successfully.
C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension folder moved successfully.
C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings folder moved successfully.
C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\crashReports folder moved successfully.
C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753} folder moved successfully.
C:\ProgramData\Browser Manager\2.2.565.25 folder moved successfully.
C:\ProgramData\Browser Manager folder moved successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Seanna\Desktop\cmd.bat deleted successfully.
C:\Users\Seanna\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: Public

User: Seanna
->Java cache emptied: 0 bytes

Total Java Files Cleaned = 0.00 mb


[EMPTYFLASH]

User: All Users

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: Public

User: Seanna
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0.00 mb


OTL by OldTimer - Version 3.2.59.1 log created on 08282012_185800

#11 gringo_pr

Posted 28 August 2012 - 10:15 PM

run this file and restart the computer and check the updates


If asked to merge please allow

Attached Files


I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here. Don't worry, every little bit helps.

Proud Graduate Of Malware Removal University

#12 strawbaerie

strawbaerie
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  •  
  • Local time:07:22 AM

Posted 28 August 2012 - 10:50 PM

It still says: error occurred while checking for new updates for your computer. Error(s) found Code 80004002

#13 gringo_pr

Posted 28 August 2012 - 11:08 PM

Did you restart the computer?


gringo

#14 strawbaerie

Posted 28 August 2012 - 11:18 PM

yeah

#15 gringo_pr

Posted 28 August 2012 - 11:29 PM

Let's see if we can fix Windows Update.

Please go here: Fix Windows Update, and click on the Fix It button.